As more businesses move to a cloud-first mentality, Veritas Technologies warns that many are mistakenly abrogating their responsibility for data protection.
A global survey of 1,200 businesses by the multi-cloud data management company shows that 56% of companies operate with a cloud-first mentality when it comes to deploying new applications and managing workloads and that 83% of organisations that use, or plan to use, IaaS believe that their cloud service provider will take care of protecting their data in the cloud.
More than two thirds (69%) wrongfully believe that data protection, data privacy and compliance are the responsibility of the cloud service provider.
In addition, more than half of organisations surveyed for the Truth in Cloud study believe it is the responsibility of the cloud service provider to securely transfer data between on-premises and cloud (54%), to back up workloads in the cloud (51%) and to ensure application uptime (55%).
Jason Tooley, Veritas Vice President for Northern Europe, warns that organisations are wrong to assume that the cloud provider will take care of all data privacy and compliance requirements. He said: “Although cloud providers have a duty to ensure they help keep data secure and readily available, the ultimate responsibility of maintaining a compliance position with regulations such as GDPR lies with the organisation that owns the information.”
He added: “With the recently introduced UK Data Protection Bill, businesses should remember that they are the data controller, and that they must comply with all the obligations that the GDPR imposes.”