A recent Bitdefender survey shows that trust is vital when companies choose a cloud provider. Most respondents place greater trust in suppliers from their own country.
An overwhelming majority of US IT decision makers still have the most confidence in storing data in their own country. After the US, the main countries US IT decision makers favor for data storage are Canada, the UK and Japan.
After the UK, UK IT decision makers trust the US, Germany, Japan and France, while only 5% of Germans would store their data in the US.
Most German respondents place Germany first (89%), followed by the Netherlands, Japan and the UK.
The least-trusted destination for data storage is India, mentioned by 44% of US respondents, 35% of UK respondents and 43% of German respondents.
It’s worth noting that IT decision makers did not mention Russia or China among the least trusted 10 countries, showing that they are not even taken into consideration as a viable option for data storage by respondents based in the US, UK, and Germany. They may have also been mentioned as others (by less than 3% of those surveyed).
“If businesses or governments think they might be spied on, they will have less reason to trust the cloud and it will be cloud providers who ultimately miss out,” Neelie Kroes, former European Commission VP for digital affairs, said in a speech, as cited by The Guardian. “Why would you pay someone else to hold your commercial or other secrets, if you suspect or know they are being shared against your wishes? Front or back door – it doesn’t matter – any smart person doesn’t want the information shared at all. Customers will act rationally and providers will miss out on a great opportunity.”
The European Data Protection Supervisor, EU’s authority responsible for privacy and data protection, says information processed in the cloud usually flows through - and is stored in - various jurisdictions across the globe that might not offer an equivalent level of protection: “Cloud providers must, therefore, guarantee by way of a contract with the customer or in binding corporate rules, that all transfers of information to non-EU jurisdictions will meet specific data protection requirements to provide adequate safeguards. (…) Ideally, they say, under the terms of the contract, customers should be informed about access requests from law enforcement agencies. Moreover, information should only be handed over to law enforcement bodies in accordance with clear procedures defined in international or bilateral agreements. “Such procedures are under discussion but in many cases are not yet official agreements.”
Bitdefender’s survey confirms that the US is perceived as the least trusted destination by 54% of German IT decision makers, and by 14% of UK IT decision makers.
Besides the aforementioned European regulations, one reason for this distrust might be that European companies distrust US suppliers and are concerned about data privacy, following the rescinding of the Safe Harbour data sharing agreement and the Edward Snowden leaks about potential mass-scale US snooping in the EU, as the BBC has noted.
This survey, conducted in October 2016 by iSense Solutions for Bitdefender, included 503 IT security purchase professionals from enterprises with 1,000+ PCs based in the US, the UK and Germany. Half of the respondents originate from the United States, while 153 are from the UK and 100 from Germany.