The Schwartz
Cloud Report

Blog archive

A Cloud Boom, Despite Security Worries

Security concerns might be the top inhibitor to using public cloud services, but the horses may have already left the barn.

A global survey of 4,000 executives and IT managers found nearly half (49 percent) already use cloud services to store sensitive or confidential information, and another 33 percent plan to do so over the next two years. Only 19 percent said they don't, according to the survey, conducted by research consultancy Ponemon Institute and commissioned by Thales, a Microsoft ISV that provides security and encryption software and services.

The findings piqued my attention given public cloud services are a non-starter for many large organizations, especially those with regulatory or compliance restrictions. However, the Ponemon study canvassed enterprises of all sizes including small and mid-sized organizations, explained Ponemon institute chairman and founder Larry Ponemon.

I pointed Ponemon to the findings by the Open Data Center Alliance (ODCA), in which 40 percent of its membership said security was the key barrier to using public cloud services. "Even organizations that say security is an inhibitor still seem to be using cloud services," Ponemon remarked.

The findings also showed that 44 percent believe cloud providers are responsible for protecting data in the cloud, while 30 percent felt it was their own responsibility and 24 percent reported it should be shared.

"Like anything else, you need to be careful in selecting your business partners," Ponemon said. "A public cloud provider is a business partner and the fact they have access to your data, and possibly confidential and sensitive information is a big deal, and organizations need to see the cloud as a place that can be very insecure and the source of data breaches and security exploits. Not all cloud providers are the same."

When asked about the impact of cloud services on an organization's security posture, 44 percent said it had no change and 39 percent said it decreased. Only 10 percent said it increased, while 7 percent were unsure.

Only a small percentage, 11 percent, said their cloud provider encrypts data for them, while the rest assume responsibility for encryption. Of those 38, percent encrypt data in transit, 35 percent do so before it is transferred to a cloud provider and 16 percent use encryption selectively at the application layer within a cloud environment.

Thirty-six percent of those using encryption handle key management within their organizations, while 22 percent rely on a third party other than the cloud provider. Another 22 percent let the cloud provider manage the keys and 18 percent said it was a combination.

Posted by Jeffrey Schwartz on August 29, 2012


Featured

  • Microsoft Starts Countdown to Dynamics GP End-of-Support

    Dynamics GP, Microsoft's venerable enterprise resource planning (ERP) solution for midsized businesses, is set to lose support in four years.

  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • Windows Recall Preview Starts Rolling Out with Windows 11 24H2

    Microsoft on Tuesday began rolling out Windows 11 version 24H2, describing the update as a "full OS swap that contains new foundational elements required to deliver transformational Al experiences and exceptional performance."

  • An image of planes flying around a globe

    2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.