Oct. 29, 2014 A majority of IT organizations are kept in the dark when it comes to protecting corporate data in the cloud, putting confidential and sensitive information at risk. This is just one of the findings of a recent Ponemon Institute study commissioned by SafeNet, Inc., a global leader in data protection. The study, titled “The Challenges of Cloud Information Governance: A Global Data Security Study,” surveyed more than 1800 IT and IT security professionals worldwide.
Among the key findings, the research indicates that while organizations are increasingly using cloud computing resources, IT staff is having trouble controlling the management and security of data in the cloud. The survey found that only 38 percent of organizations have clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud. Adding to the confusion, 44 percent of corporate data stored in cloud environments is not managed or controlled by the IT department. And more than two-thirds (71 percent) of respondents say it is more difficult to protect sensitive data in the cloud using conventional security practices.
The Ponemon and SafeNet report (and the summary in this CNBC article) shows many oversight and control issues. Including exploding Shadow IT, serious problems tracking data and general difficulty getting on top of security when doing it at arm’s length.
In this Information Security Buzz article and related blog post, Infospectives’ owner Sarah Clarke looks at priorities in the fight to claw back control.
- Number 1 Rule? – Don’t skimp on due diligence
- Mismanaged Risk – Why urgency and budget beats security