ITS 532 Essay: GDPR Compliance Challenges & Cloud Computing Outlook

Verified

Added on 2023/04/25

AI Summary

This essay discusses the challenges of GDPR compliance for cloud organizations, focusing on the reinforcement of individual rights, substantial monetary fines for data breaches, and the complexities of data control and visibility. It highlights the need for organizations to adapt their IT security strategies and data protection systems to meet GDPR requirements. While GDPR presents challenges, it also offers opportunities for cloud computing to shine through innovative IT security strategies. The essay concludes that selecting the right cloud partner can significantly aid companies in becoming GDPR-ready.

Running Head: GDPR COMPLIANCE 0
GDPR AND CLOUD
COMPUTING

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

GDPR COMPLIANCE 1
Table of Contents
Introduction................................................................................................................................2
The Challenges...........................................................................................................................2
Outlook of Cloud Computing.....................................................................................................3
References..................................................................................................................................4

GDPR COMPLIANCE 2
Introduction
During the course of digitization, data security and data protection are continuously
coming under the spotlight and place a vital role in successful digital transformation.
For improving legal positions and establishing a uniform data protection law, a linkage is
being developed among various member countries connected with the EU. Some of the
important changes in relation with GDPR includes –
 Strengthening of rights of individuals with requirement of transparency in
information.
 There are substantial increases in the fines i.e. up to 2 to 4 percentage of yearly
revenue based on severity of the breach.
 Introduction of new obligations in relation to data security. For instance, privacy-
friendly default setting of electronic devices.
 Those nations who are not grounded in EU but gather data from citizens of EU also
come under these new regulations.
The Challenges
Security experts and corporate decision-makers are now preparing for new change
management due to introduction of GDPR. Firstly, there is a reinforcement in rights of all
concerned. This can bring substantial monetary approvals when it comes to data leakage in
the future and brings any sort of influence over the citizens of EU. Considering damage to
goodwill and brand image is also of well importance. Privacy concerns are publicized by
various media outlets and this makes a warning shot for all organisations that need to hire
various expertise for complying with the new requirement (Macaulay, 2018). The fines are
also increased drastically with entry of GDPR in May 2018 (Moore-Colyer & Afifi-Sabet,
2014). In many organisations, the GDPR topics gain attention of management including all
sizes due to high fines i.e., € 20 million or up to 4% of the yearly turnover. Lastly, data
control and visibility is also a concern and challenge for organisation. GDPR requires
organisations to provide data to user in usable format and this requires several changes in

GDPR COMPLIANCE 3
infrastructure and also ensure that this procedure is followed effectively where service allows
implementing retention policies if data must be deleted after a specific period of time.
Outlook of Cloud Computing
New regulations as per GDPR brings out various provisions in relation with data
security that includes both opportunities and challenges. An important pointer of “GDPR
readiness” is a perception how corporate- critically workloads drive on cloud infrastructures
(Linthicum, 2018).
Considering several enterprises, these new regulations of GDPR consider being a
complex project. However, GDPR also comes up with various opportunities in context with
cloud computing, for instance, to outshine by reframing and executing different and
innovative IT security strategies and data protection systems (Elezaj, 2018).
In mechanical expressions, cloud computing is defined as a data processing contract
where users of cloud are fully aware of the things that their data is managed all time. Provider
of cloud services only hold their purposes and rely on legal necessities considering each
service of cloud under the GDPR.
With having right cloud partner can help the company to become “GDPR-ready”
(Van Eyk et al, 2018).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

GDPR COMPLIANCE 4
References
Elezaj, R. (2018). GDPR and Its Effects On Cloud Computing retrieved from:
https://www.cso.com.au/article/647999/gdpr-its-effects-cloud-computing/
Linthicum, D. (2018). GDPR and the cloud: What you need to know retrieved from:
https://www.infoworld.com/article/3258852/cloud-computing/gdpr-and-the-cloud-
what-you-need-to-know.html
Macaulay, T. (2018). How to ensure GDPR compliance in the cloud retrieved from:
https://www.computerworlduk.com/cloud-computing/how-ensure-gdpr-compliance-
in-cloud-3663797/
Moore-Colyer, R., & Afifi-Sabet, K. (2014). We take a look at the core areas to consider to
be GDPR compliant while moving to the cloud retrieved from:
https://www.itpro.co.uk/cloud-computing/31722/gdpr-and-the-cloud
Van Eyk, E., Toader, L., Talluri, S., Versluis, L., Uța, A., & Iosup, A. (2018). Serverless is
more: From paas to present cloud computing. IEEE Internet Computing, 22(5), 8-17.