Dropbox is one of the organisations certified as compliant with the new ISO27018 code of practice for protection of personally identifiable information (PII) in public clouds. Although Dropbox is US-based company, more than 70% of its claimed 500 million users are outside the US, and so the company has already put a lot of effort into security and privacy in a global context.
The company gears up for the GDPR by launching its European data storage infrastructure in the third quarter of 2016 to provide customers with an alternative to US-based file storage. Although the new EU data protection rules are expected to come into effect in 2018, Mark Crosbie, head of trust and security for Dropbox in Europe, said anyone serious about GDPR compliance should be doing something about it now.
In terms of preparation, Crosbie said the smallest details can become the biggest challenges, such as ensuring every person in the company has been trained and certified on handling PII.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now