The Ponemon Institute report, “Data Security in the Cloud Survey of U.S. IT Operations, IT Security and Compliance Practitioners”, shows that only one-third of the respondents think cloud infrastructure environments are as secure as on-premise data centers. The survey, which was sponsored by security technology provider Vormetric Inc., also shows that less than one third of the organizations encrypt data and/or files in the cloud.
Regarding cloud security roles, 21% of the compliance officers say they are responsible for defining security requirements, while 22% of the IT security respondents think this responsibility belongs to business unit leaders.
Other key findings: 35% of IT security practitioners and 42% of compliance officers think their organization has adequate technologies to secure their infrastructure-as-a-service (IaaS) environments; data in IaaS cloud environments is perceived as a greater security risk, while software-as-a-service is considered to be more secure; and more than half of respondents say their organization’s internal audit review does not provide feedback on the security in cloud infrastructures.
“While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments,” Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. “What is most troubling is the fact that while respondents feel they lack adequate technologies to secure their IaaS environments, ownership for security in the cloud is dispersed throughout the organization.”
Be the first to comment on this post using the section below.