As the EU makes moves towards stricter data privacy rules, companies operating in the region are grappling with translating legal policy into business practices. In light of this transition, CipherCloud, a cloud security product firm, reports that it has expanded its Global Compliance Resource Centre to help organisations navigate data privacy.
Developed with the law firm DLA Piper, CipherCloud’s newest compliance resource is a whitepaper, “Meeting European Data Protection and Security Requirements with CipherCloud Solutions,” that explains how proper encryption and tokenisation of sensitive data can support compliance with both the existing EU Data Privacy Directive and pending EU Data Privacy Regulation. In several EU jurisdictions, properly encrypting and tokenising data before migrating it to the cloud enable companies to meet the protection threshold mandated by privacy laws, the firms say.
The white paper explores the most relevant, applicable data privacy rules and initiatives for the EU as well as how enterprises navigate the key challenges to adopting cloud services:
The regulatory requirements for processing “personal data” in the cloud
The security requirements for various types of sensitive cloud data
The protection of data processed in the cloud from seizure or any kind of access by third country law enforcement agencies
Dr Patrick Van Eecke, Partner and head of the Internet law group, DLA Piper, said: “The flow of sensitive data into various clouds has rightly attracted regulatory scrutiny. This raises the stakes for companies going to the cloud. Securing data appropriately is crucial to avoiding risks – from business interruptions, commercial loss, reputational damage and breaches of applicable laws. Our whitepaper aims to educate organisations on data privacy risks in an environment where legislation continues to shift.”
And Willy Leichter, Global Director of Cloud Security, CipherCloud, said: “Customers feel stuck between a rock and a hard place. Data privacy regulations in the EU are among the most stringent in the world, which can deter enterprises from the benefits of cloud adoption. Our Resource Center and collaboration with DLA Piper helps provide clarity on regulations as they change and guidance on applying these laws to a company’s technology and security strategies.”
CipherCloud will be discussing compliance best practices and demoing its cloud security platform at the InfoSecurity Europe Conference (June 2 to 4) at London Olympia in booth G60. Visit www.ciphercloud.com.
