As organizations more and more flip to the cloud to retailer data, a brand new international research from Thales, with analysis from the Ponemon Institute, has revealed that solely a 3rd (32%) of organizations make use of a security-first strategy to data storage within the cloud.
To compile its 2019 Thales Global Cloud Security Study, the agency surveyed greater than 3,000 IT and IT safety practitioners from Australia, Brazil, France, Germany, India, Japan, the UK and the US. Of these surveyed, just one in three (31%) organizations imagine that defending data within the cloud is their personal duty.
Thales’ research discovered that just about half (48%) of organizations have a multi-cloud technique with AWS, Microsoft Azure and IBM being the highest three cloud suppliers. On common, organizations use three totally different cloud computing service suppliers and 28 % are utilizing 4 or extra.
Despite storing delicate data within the cloud, virtually half (46%) of respondents revealed that storing shopper data within the cloud makes them extra of a safety danger with 56 % noting that it poses a compliance danger as effectively. Additionally, organizations imagine that cloud service suppliers bear essentially the most duty for delicate data within the cloud (35%), forward of shared duty (33%) and themselves (31%).
Although companies are pushing the duty of securing data within the cloud onto cloud suppliers, solely 23 % of respondents mentioned safety is an element when selecting a cloud service.
Lack of encryption
Thales found that just a little over half (51%) of companies and different organizations nonetheless don’t use encryption to guard delicate data within the cloud. However, the research uncovered regional disparities by way of data safety with German organizations being essentially the most superior in their use of encryption at 66 %.
The research additionally revealed that organizations have begun handy over the keys to their encrypted data to cloud suppliers. Nearly half of cloud corporations (44%) present encryption keys when data is saved within the cloud, forward of in-house groups (36%) and third events (19%). Additionally, 53 % of cloud suppliers are controlling these encryption keys themselves even supposing 78 % of respondents say it is crucial that their group retains management of the keys.
Of these surveyed, 54 % suppose cloud storage makes it tougher to guard delicate data and this determine is up from 49% final yr.
Vice president of market technique for cloud safety and licensing exercise at Thales, Tina Stewart offered additional perception on the research’s findings, saying:
“This study shows that businesses today are taking advantage of the opportunities that new cloud options offer, but aren’t adequately addressing data security. Having pushed the responsibility towards cloud providers, it is surprising to see that security is not a primary factor during the selection process. It doesn’t matter what model or provider you choose, the security of your business’ data in the cloud has to be your responsibility. Your organisation’s reputation is on the line when a data breach occurs, so it is critical to ensure in-house teams keep a close eye on your security posture and always retain control of encryption keys.”