FileCloud, a cloud-agnostic Enterprise File Sharing and Sync (EFSS) platform, has announced the availability of its General Data Protection Regulation (GDPR) compliance support for organizations utilizing private cloud enterprise file sharing.
The FileCloud platform would provide a set of “easy-to-use” features supporting enterprise organizations to adhere to the wide impact of GDPR, including complete EU data-residency and support of GDPR compliance across both private and public cloud deployments.
Additionally, the cloud storage provider introduces the ability to manage multiple policies across users, including GDPR, which means that organizations can choose to show GDPR specific consent only to users in the EU and not those who reside elsewhere.
The GDPR is a broad set of rules governing data protection for all individuals within the EU and carries with it “stiff penalties of 4 percent of revenue” for companies that fail to comply. The GDPR regulations go into effect May 2018 and apply not only to companies located within the EU but any company dealing with user data of EU citizens. As one of the most ambitious and complex regulations passed by any government to protect user privacy, companies of any size may find themselves unprepared, states FileCloud.
“FileCloud customers now have a platform to adhere to GDPR requirements, providing secure data protection and user privacy while allowing companies to refocus on their product,” said Madhan Kanagavel, CEO of FileCloud. “With regulations going into effect in a matter of months, now is the time to ensure your organization is prepared for the impact of GDPR regulation. FileCloud is an optimal platform to help every organization to achieve full compliance in a rapidly changing landscape of government regulations.”
FileCloud’s new features would support organizations toward compliance of GDPR requirements in the following ways:
- User Consent – GDPR requires that all users provide explicit consent to track personally identifiable information (PII). FileCloud would offer privacy settings to ask for explicit consent from users while accessing, viewing or downloading files from FileCloud.
- Breach Notification – GDPR requires that users are notified of any breach. While breach notifications must be handled by the customer, FileCloud has detailed policies and breach plans in place for customer data in FileCloud Online.
- Right To Access – GDPR provides that users may request access to any information companies possess relating to them. FileCloud allows an organization’s data protection officer (DPO) or administrator to search for user PII across all file content and activity logs.
- Right To Be Forgotten – GDPR provides that users may request the deletion or anonymization of any data companies possess relating to them. FileCloud would allow administrators to delete or anonymize all user data, including any traces in FileCloud access logs.
- Data Portability – GDPR provides that users may request a copy of data for use elsewhere. FileCloud would allow the export of files in standard formats and activity logs in easily readable CSV files.
- Privacy By Design – GDPR requires companies to provide privacy, regardless of technological implementation or design. FileCloud is built on open standards thus offering flexibility of deployment in private, public, or hybrid cloud environments. FileCloud offers data residency, allowing customers to select the region of their choice for storing and processing data.
Enterprise File Sharing
“Many well-known enterprise file sharing and sync SaaS are not fully GDPR compliant yet,” said Venkat Ramasamy, Chief Operating Officer (COO) of FileCloud. “These providers are putting themselves, their customers and partners at huge risk. FileCloud mitigates risk by providing complete control of the software infrastructure to manage data and regulation requirements.”
Based in Austin, Texas, FileCloud offers two products – Tonido for consumers, and FileCloud for businesses – that are used by millions of customers around the world, ranging from individuals to Global 2000 enterprises, educational institutions, government organizations, and managed service providers (MSPs).