Advertisment

Cloud: Security and compliance remain major concerns

author-image
Deepa
New Update

BANGALORE, INDIA: While companies are becoming more and more comfortable with the security of third-party cloud service providers, data security, particularly at the end user level, and concerns over meeting compliance requirements, remain top concerns among cloud adopters, as per a survey done by NetIQ.

Advertisment

Fifty-one percent of IT executives surveyed believe that the cloud increases data security overall. However, almost 70 per cent of respondents indicated that consumer cloud services pose a risk to sensitive data in their organizations and 45 per cent are not fully confident that their cloud provider's security processes and programs meet their data security requirements. Additional findings found a mix of concern and confidence in cloud security:

Key Findings:

Forty-five per cent do not have full visibility and control of their cloud-based data when users sign up on their own.

Only 46 per cent train end users on how they should securely access data in the cloud.

Advertisment

Forty-two per cent of organizations are not fully confident that they demonstrate regulatory compliance concerning sensitive information/assets in the cloud.

Fifty-nine per cent are very confident in their ability to control and manage access from mobile devices to cloud services.

"These survey findings demonstrate that IT executives are feeling more confident in the execution of their cloud security strategies and programmes. However, this confidence may be at odds with the concerns security teams have while addressing an ever-increasing number of threats to corporate information," said Geoff Webb, director, Solution Strategy at NetIQ. "Data-centric security programs remain the most targeted and effective way to build security programs ready to embrace the complexities inherent in adopting cloud. Identifying sensitive data, applying appropriate layers of protection around that data, and tracking who is accessing it remain the best ways to respond to threats, meet regulatory requirements and minimize organizational risk."

smac