Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cloud security remains a challenge for organisations: study

Adrian M. Reodique | July 29, 2016
Encryption is not yet pervasive in cloud environments.

Organisations are still struggling to secure their cloud environments despite considering it important in their operations, according to the 2016 Global Cloud Data Security study of Ponemon Institute and commissioned by Gemalto.

Ponemon Institute surveyed more than 3,400 IT and IT security practitioners worldwide to better understand the key trends in data governance and security practices for cloud-based services.

Majority of the respondents (73 percent) said cloud-based services are important to their organisations' operation and will be more significant over the next two years (81 percent). In fact, 36 percent of polled IT professionals believed their companies' total IT and data processing needs were met using cloud services today.

"Organisations have embraced the cloud with its benefits of cost and flexibility but they are still struggling with maintaining control of their data and compliance in virtual environments," said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto, in a press release.

More than half of the respondents (54 percent) said their companies do not have a proactive approach to manage security and comply with privacy and data protection regulations in cloud environments - where customer information, emails, consumer data, employee records and payment information were often stored.

Alarmingly, the survey revealed the number of customer information stored in the cloud has increased from 53 percent in 2014 to 62 percent this year. Respondents noted customer information is the most at risk in the cloud (53 percent).

In addition, 56 percent of the polled IT professionals said their organisations are not careful about sharing sensitive information in the cloud with third parties such as business partners and vendors.

While majority of the respondents (72 percent) believe encryption or tokenisation is important, it is not yet pervasive in the cloud. Only 34 percent said their organisations encrypt or tokenise sensitive data directly within cloud-based applications.

"Cloud security continues to be a challenge for companies, especially in dealing with the complexity of privacy and data protection regulations," said Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute. "To ensure compliance, it is important for companies to consider deploying such technologies as encryption, tokenisation or other cryptographic solutions to secure sensitive data transferred and stored in the cloud." 


Sign up for CIO Asia eNewsletters.