With EU Data Protection Regulation on the horizon, will companies be ready?

European businesses are not prepared to meet regulatory requirements outlined in the EU Data Protection Regulation, due to be enacted by the EU parliament in 2015. That’s the story told by a survey of 1,500 office workers in the UK, France and Germany, conducted by Sophos.

Although a large majority of poll respondents (84%) agree that stricter data protection requirements are needed, most lack confidence that their employers are compliant (77%), and many do not know what type of data protection their companies currently have in place.

During a roundtable discussion about the survey, our security experts talked about the current state of data protection and how the new requirements might impact businesses.

Anthony Merry, director of product management in the data protection group at Sophos, said companies have to get a better understanding of not just what regulations require, but what data protection actually is.

“Many of the companies I talk to still do not understand what data protection is, why businesses need to do it and why it is important, and that needs to change,” he said, according to ComputerWeekly.

Some of the proposed changes to the EU Data Protection Directive include huge fines for non-compliant companies in the event of a data breach — as much as 5% of global turnover, or €100m, whichever is higher.

Compared to relatively lax data protection laws in the United States, such punitive laws could be seen as harmful to businesses.

However, if companies are encrypting their data — on disks, mobile devices, storage drives, and in the cloud — they don’t have to worry as much.

“If data is encrypted, even if IT systems are breached, companies will not be liable under the law,” Anthony said.

Unfortunately, businesses in the countries we surveyed have a long way to go before their data protection is complete.

According to our survey, only 62% of UK companies are encrypting laptops, compared to 36% in France and 56% in Germany. Encryption of mobile devices is even further behind: 41% in the UK, compared to 21% in France and 32% in Germany.

Learn more about data protection

Sophos SafeGuard Encryption solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.

For more information about SafeGuard Encryption, get our free whitepaper Managing BitLocker With SafeGuard Enterprise (registration required).

Or download our Encryption Buyers Guide to learn more about how to choose the best encryption solution for your needs.
