skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view


Snapshots from a recent Ovum survey make some important points about the adoption of cloud-based services. Over 77% of respondents, ranging across many different countries, state that their organization’s “regulated and sensitive” data will be present within cloud or SaaS-based applications by mid-2018. Ovum believes that part of the reason for this is that some organizations do not have the resources to apply the right protection to this data if it is held internally.

Regulated data is putting owners between a rock and hard place

The need to appropriately protect data is perceived as increasing, and rightly so, Ovum believes. Adding to the pressures arising from the many threats to information security that now face enterprises, those with data from European operations will soon have to face the consequences arising from the EU General Data Protection Regulation (GDPR). With existing and future business plans at risk, many cloud providers will soon have much to do in order to facilitate customers’ compliance with GDPR, but our survey leads to the conclusion that many of those customers probably view having to undertake such compliance efforts themselves as a less appealing alternative. Organizations indicate they have doubts that cloud/SaaS can definitely cover all protection requirements, but in many cases there is a willingness to commit nonetheless to a cloud-based approach, in light of the difficulties of resourcing an in-house program to cover all the bases necessary.

Indeed, far from being able to look ahead with confidence, a fair proportion of survey respondents worryingly do not even currently have in place some of the protection measures that we would see as basic. With EU GDPR likely to be high on executives’ agendas due to a window of only two years to attain compliance after its likely transition into legislation later in 2015, organizations with such a gap in protection capabilities to make up might well trust that the cloud provider sector will do a better job of facing up to its own shortfall in technology (itself a very real one) than they themselves can manage. We believe that this particularly applies to end-user organizations of a lesser scale, because the necessary investment would be proportionally greater in their cases.

Ovum would caution that this approach might well be expedient, but not without risk, and we will provide more analysis soon to prove this point.


Further reading

Office 365: Trust, Security, and Compliance, IT0021-000083 (May 2015)

2015 Trends to Watch: Security,IT0022-000172 (October 2014)


Alan Rodger, Senior Analyst, Enterprise ICT Management

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now