‘The 2016 Global Cloud Data Security Study’ surveyed more than 3,400 IT and IT security practitioners worldwide to gain a better understanding of key trends in data governance and security practices for cloud-based services.
According to 73% of respondents, cloud-based services and platforms are considered important to their organization’s operations and 81% said they will be more so over the next two years. In fact, 36% of respondents said their companies’ total IT and data processing needs were met using cloud resources today and that they expected this to increase to 45% over the next two years.
Although cloud-based resources are becoming more important to companies’ IT operations and business strategies, 54% of respondents did not agree their companies have a proactive approach to managing security and complying with privacy and data protection regulations in cloud environments. This is despite the fact that 65% of respondents said their organizations are committed to protecting confidential or sensitive information in the cloud. Furthermore, 56% did not agree their organization is careful about sharing sensitive information in the cloud with third parties such as business partners, contractors and vendors.
Nearly half (49%) of cloud services are deployed by departments other than corporate IT, and an average of 47% of corporate data stored in cloud environments is not managed or controlled by the IT department. However, confidence in knowing all cloud computing services in use is increasing. 54 % of respondents are confident that the IT organization knows all cloud computing applications, platform or infrastructure services in use.
Difficulty in controlling or restricting end-user access increased from 48% in 2014 to 53% of respondents in 2016. The other major challenges that make security difficult include the inability to apply conventional information security in cloud environments (70% of respondents) and the inability to directly inspect cloud providers for security compliance (69% of respondents).
72% of respondents said the ability to encrypt or tokenize sensitive or confidential data is important, with 86% saying it will become more important over the next two years.
Dr. Larry Ponemon, chairman and founder, Ponemon Institute, said that to ensure compliance, it is important for companies to consider deploying such technologies as encryption, tokenization or other cryptographic solutions to secure sensitive data transferred and stored in the cloud.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now