Information Age quotes Elliot Rose, PA Consulting’s head of cyber security, in its article on cloud security and how many organisations have been slow to adopt their technology.
“When using cloud IaaS, firms need to make sure their own software development takes into account the security requirements,” Elliot says. "For example," he continues: “How is it hosted; and who is hosting it? What are the level of controls?”
The article points out that different types of businesses will have varying data protection needs, however, all firms have a responsibility to protect customer and user data under the EU Update to Data Protection Regulation (GDPR).
Elliot goes on to say that there is now a “secure by design” approach driven by the regulation. He also points out an onus on users to “dig deep”, look down the supply chain and implement data impact assessments.