There is a 'clear disconnect' between best practice and reality, when it comes to data sovereignty in the UK, new research says.
CNS Group carried out a poll during the InfoSecurity Europe 2016, and found some interesting and conflicting results among the 206 IT security professionals polled. Pretty much everyone polled (92 per cent) said it was either very, or fairly important, that all data is stored, accessed and backed up in the UK.
Yet, just 27 per cent were certain this was happening, right now. The rest basically had no idea where their data is stored, how it’s accessed and backed up.
CNS Group says that by doing so, businesses are putting themselves at multiple risks, including government access (key risk for 37 per cent of respondents), lack of data integrity (21 per cent), and access controls (22 per cent).
“In order to guarantee compliance with existing and forthcoming data protection legislation – such as the EU General Data Protection Regulation – organisations regardless of size will need to know where exactly in the world their data is stored and managed,” said Shannon Simpson, CEO of CNS Group.
“Following Brexit, UK organisations will still need to comply with the EUGDPR if trading in the EU. If comprehensive questions about data sovereignty are not currently part of an organisations data governance strategy, they should be.”
Head of Programmes, Cyber and National Security at techUK, Talal Rajab, said appropriate cyber-security processes are essential for businesses if they want to keep on growing and maintain user confidence in their services.
Image source: Shutterstock/Artem Samokhvalov