- Study reveals regional disparities in adoption of cloud
security: German businesses almost twice as likely to secure
confidential or sensitive information in the cloud (61%) than
British (35%), Brazilian (34%) and Japanese (31%)
organizations
- Half of global organizations believe that payment information
(54%) and customer data (49%) is at risk in the cloud
- Over half (57%) think using the cloud increases compliance
risk
Amsterdam, January 16, 2018- Gemalto, the world
leader in digital security, can today reveal that while the vast
majority of global companies (95%) have adopted cloud services[1],
there is a wide gap in the level of security precautions applied by
companies in different markets. Organizations admitted that on
average, only two-fifths (40%) of the data stored in the cloud is
secured with encryption and key management solutions.
The findings - part of a Gemalto commissioned Ponemon Institute
"2018 Global Cloud Data Security Study" - found that organizations
in the UK (35%), Brazil (34%) and Japan (31%) are less cautious
than those in Germany (61%) when sharing sensitive and confidential
information stored in the cloud with third parties. The study
surveyed more than 3,200 IT and IT security practitioners worldwide
to gain a better understanding of the key trends in data governance
and security practices for cloud-based services.
Germany's lead in cloud security extends to its application of
controls such as encryption and tokenization. The majority (61%) of
German organizations revealed they secure sensitive or confidential
information while being stored in the cloud environment, ahead of
the US (51%) and Japan (50%). The level or security applied
increases further still when data is sent and received by the
business, rising to 67% for Germany, with Japan (62%) and India
(61%) the next highest.
Crucially, however, over three quarters (77%) of organizations
across the globe recognize the importance of having the ability to
implement cryptologic solutions, such as encryption. This is only
set to increase, with nine in 10 (91%) believing this ability will
become more important over the next two years - an increase from
86% last year.
Managing privacy and regulation in the cloud
Despite the growing adoption of cloud computing and the benefits
that it brings, it seems that global organizations are still wary.
Worryingly, half report that payment information (54%) and customer
data (49%) are at risk when stored in the cloud. Over half (57%) of
global organizations also believe that using the cloud makes them
more likely to fall foul of privacy and data protection
regulations, slightly down from 62% in 2016.
Due to this perceived risk, almost all (88%) believe that the
new General Data Protection Regulation (GDPR), will require changes
in cloud governance, with two in five (37%) stating it would
require significant changes. As well as difficulty in meeting
regulatory requirements, three-quarters of global respondents (75%)
also reported that it is more complex to manage privacy and data
protection regulations in a cloud environment than on premise
networks, with France (97%) and the US (87%) finding this the most
complex, just ahead of India (83%).
Head in the clouds
Despite the prevalence of cloud usage, the study found that
there is a gap in awareness within businesses about the services
being used. Only a quarter (25%) of IT and IT security
practitioners revealed they are very confident they know all the
cloud services their business is using, with a third (31%)
confident they know.
Looking more closely, shadow IT may be continuing to cause
challenges. Over half of Australian (61%), Brazilian (59%) and
British (56%) organizations are not confident they know all the
cloud computing apps, platform or infrastructure services their
organization is using. Confidence is higher elsewhere, with only
around a quarter in Germany (27%), Japan (27%) and France (25%) not
confident.
Fortunately, the vast majority (81%) believe that having the
ability to use strong authentication methods to access data and
applications in the cloud is essential or very important.
Businesses in Australia are the keenest to see authentications put
in place, with 92% agreeing it would help ensure only authorised
people could access certain data and applications in the cloud,
ahead of India (85%) and Japan (84%).
"While it's good to see some countries like Germany taking the
issue of cloud security seriously, there is a worrying attitude
emerging elsewhere," said Jason Hart, CTO, Data Protection at
Gemalto. "This may be down to nearly half believing the cloud makes
it more difficult to protect data, when the opposite is true.
"The benefit of the cloud is its convenience, scalability and
cost control in offering options to businesses that they would not
be able to access or afford on their own, particularly when it
comes to security. However, while securing data is easier, there
should never be an assumption that cloud adoption means information
is automatically secure. Just look at the recent Accenture and Uber
breaches as examples of data in the cloud that has been left
exposed. No matter where data is, the appropriate controls like
encryption and tokenization need to be placed at the source of the
data. Once these are in place, any issues of compliance should be
resolved."
Research methodology
This research was conducted by the Ponemon Institute on behalf
of Gemalto with 3,285 IT and IT security practitioners surveyed
across the US (575), UK (405), Australia (244), Germany (492),
France (293), Japan (424), India (497) and Brazil (355).
Resources
- Visit the 2018 Global Cloud Data Security Study website to
explore regional differences in more detail or download the
report
- Join Gemalto and the Ponemon Institute for a "Top Trends in
Cloud Security" webinar on February 27th - click here to
register.
- Learn more about Gemalto's Cloud Data Security solutions
- For more Gemalto research on data security.
About Gemalto
Gemalto (Euronext NL0000400653 GTO) is the global leader in
digital security, with 2016 annual revenues of €3.1 billion and
customers in over 180 countries. We bring trust to an increasingly
connected world.
From secure software to biometrics and encryption, our
technologies and services enable businesses and governments to
authenticate identities and protect data so they stay safe and
enable services in personal devices, connected objects, the cloud
and in between.
Gemalto's solutions are at the heart of modern life, from
payment to enterprise security and the internet of things. We
authenticate people, transactions and objects, encrypt data and
create value for software - enabling our clients to deliver secure
digital services for billions of individuals and things.
Our 15,000+ employees operate out of 112 offices, 43
personalization and data centers, and 30 research and software
development centers located in 48 countries.
For more information visit www.gemalto.com, or follow @gemalto
on Twitter.
Gemalto
media contacts: |
Tauri Cox North
America+1 512 257 3916 tauri.cox@gemalto.com |
Sophie DombresEurope
Middle East & Africa +33 4 42 55 36 57 38
sophie.dombres@gemalto.com |
Jaslin Huang Asia Pacific
+65 6317 3005 jaslin.huang@gemalto.com |
Enriqueta
Sedano Latin America +52 5521221422
enriqueta.sedano@gemalto.com |
[1]
https://www.rightscale.com/lp/2017-state-of-the-cloud-report?campaign=70170000000vFyc
Attachments:
A photo accompanying this announcement is available at
http://www.globenewswire.com/NewsRoom/AttachmentNg/a0b6e18f-96fd-4fac-aa89-e29e36efecf7
Attachments:
http://www.globenewswire.com/NewsRoom/AttachmentNg/0301265d-d30d-4493-88ca-6b887248b4ab