Recent studies and surveys show that CIOs and CISOs are struggling to design security in the cloud and in particular that of sensitive data.
Many companies have begun transitioning to the Cloud, without establishing operational junction with the tools they exploit to protect data stored on the site. This is one of the main lessons of a global survey conducted by the Ponemon Institute on behalf of Informatica (data integration).
According to their survey 528 CIOs and IT professionals in the European security whose answers were chosen up are generally the same concerns as their 1035 counterparts surveyed the rest of the planet.
In this case they show particular concerns about their inability to determine where to store sensitive data from their company and how they are exposed to computer attacks.
Thus, these technical profiles that play key role in decision making considering the adoption of the mobile cloud computing solution along with evaluating necessary standard compliance certifications (Read More – Why CIOs are still inclined to ITIL to align IT with Business?) and real time infrastructure monitoring tools.
During the past year, 57% fear of not knowing how to identify sensitive data in their company, increased to 64% in 2015. Their estimates vary greatly also on the percentage of data that can be described as confidential – about a third of those hosted in the Cloud would be…
Lack of confidence
Companies that are generally fitted: 46% have an automated solution for detecting sensitive data stored on the site (37% in the Cloud). They also implement classification technologies (68%), monitoring (61%), and encryption (51%) and risk analysis (45%).
But the lack of confidence in these solutions is obvious. Illustration with procedures for monitoring access to sensitive information, implemented in 70% of cases for data on-site (29% for those in the Cloud), but considered “low risk” by only 22% of respondents.
In light of these statistics, the Ponemon Institute concludes that “it is unlikely” that a company that fails to identify its sensitive data to determine the site knows what it transferred to the Cloud.
Teaching that is particularly true for Europe, where we observe a certain resignation in the state: 33% of sensitive or confidential data stored in the Cloud are considered vulnerable (27%).
Furthermore, less than a third of companies, 32% have confidence in their ability to curb data leakage; 31% in their management of user access; 30% in their ability to prioritize information.
What are the solutions?
Enterprises can use either a homegrown solution followed by a Cloud service provider’s guidelines or should adopt the total solution offered by a cloud service provider with the consideration of open source or proprietary solutions for both on premises and in the Cloud.