Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Organizations Confident in Sending Sensitive Data to the Cloud Despite Security Fears

According to the results of a cloud security survey conducted by Ponemon Institute, sponsored by Thales, a growing number of organizations are pushing sensitive and confidential data into the cloud. This movement of data happens with confidence, the study says, despite concerns over data protection.

According to the results of a cloud security survey conducted by Ponemon Institute, sponsored by Thales, a growing number of organizations are pushing sensitive and confidential data into the cloud. This movement of data happens with confidence, the study says, despite concerns over data protection.

Earlier today, SecurityWeek posted tips on cloud security policy creation, so the Thales study seems to align well here. Based on the numbers, more than 50 percent of the respondents (4,000 organizations) confirmed that their organizations store sensitive or confidential data to the cloud, which is an increase of about 10 percent when compared to last year’s study.

Of those who transfer this type of data to the cloud, 60 percent said that they believe the cloud provider has the primary responsibility for data protection, and 22 percent said the consumer was responsible. Yet, when it comes to IaaS deployments, these figures are reversed. However just over half of respondents say they don’t know what their cloud provider actually does to protect their data.

Yesterday, in a report dealing with a separate study of 798 IT professionals from Ponemon, it was revealed that more than 80 percent of them did not know how much of their organization’s data is stored on cloud file sharing services or mobile devices. Further, most organizations did not have technical controls in place to protect regulated data on mobile devices.

“Staying in control of sensitive or confidential data is paramount for most organizations today and yet our survey shows they are transferring ever more of their most valuable data assets to the cloud. In this, our second year of conducting this survey, we wanted to dig a little deeper and explore the difference in attitudes about the most common types of cloud services – IaaS, PaaS and SaaS,” commented Larry Ponemon, chairman and founder, Ponemon Institute in a statement.

“Perceived responsibility for data protection, awareness of security measures, confidence and impact on overall security posture illustrate important regional and service type differences but overall the trend is positive. Respondents generally feel better informed, more confident in their cloud service providers and more positive about the impact on their security posture compared with last year.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.