Discover more from DPOInsider

Weekly newsletter highlighting the biggest news + issues in the world of Data Protection 👩‍💻

DPOinsider #30

Sneaky Google; Data security report

Dec 2, 2022

The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO's favourite weekly read ☕️

Google sneaks past privacy permissions

How Google handles user data has always been a subject of concern for those of us in the privacy space.

It’s well placed to collect a lot of our data, with its services being used extensively across its own OS and from others.

But a recent post might show how Google will look to change some of its applications so that it can track users across different services.

The post points out that Google has begun to change its services to sit under the main Google domain.

This means that users that now give location access when accessing Google Maps at the URL google.com/maps will be giving permission for any other service that sits on the main google.com domain.

Which we think will eventually be all of them. From a regulatory perspective, this is a bit of a grey area.

The most alarming part is that these changes were implemented quietly, and without notifying users. And it’s part of a wider trend of tech giants taking the same approach.

2022 cloud data security report

Organizations continue to shift workloads to the cloud at a rapid pace to achieve faster time to market, increased responsiveness, and cost reductions. With the majority of organizations expected to have more than half their workloads in the cloud within the next 12-18 months, it is no surprise that cloud security continues to remain a top concern.

This 2022 Cloud Security Report, based on a comprehensive global survey of cybersecurity professionals, reveals these security challenges and offers fresh insights on the state of the cloud and cloud security today. The study reviews organizations’ choices and responses as they try to gain more confidence in securing their cloud environments.

Interesting findings in the report include:

Most organizations continue to pursue a hybrid (39%, up from 36% last year) or multi-cloud strategy (33%) to integrate multiple services, for scalability, or for business continuity reasons. Seventy-six percent are utilizing two or more cloud providers.
Organizations continue to shift workloads to the cloud at a rapid pace. Today, 39% of respondents have more than half of their workloads in the cloud, while 58% plan to get to this level in the next 12-18 months.
Cloud users confirm that the cloud is delivering on the promise of flexible capacity and scalability (53%), increased agility (50%), and improved availability and business continuity (45%).
Security professionals highlight lack of visibility (49%), high cost (43%), lack of control (42%), and lack of security (22%) as the biggest unforeseen factors to slow or stop cloud adoption.
Cloud security continues to be a significant concern for cybersecurity professionals. With an increase of two percentage points from last year, 95% of organizations are moderately to extremely concerned about their security posture in a public cloud environment.
Over three-quarters (78%) of respondents consider it very to extremely helpful to have a single cloud security platform with a single dashboard to protect data consistently and comprehensively across their cloud footprint.