- Study reveals regional disparities in adoption of cloud security:
German businesses almost twice as likely to secure confidential or
sensitive information in the cloud (61%) than British (35%),
Brazilian (34%) and Japanese (31%) organizations
- Half of global organizations believe that payment information
(54%) and customer data (49%) is at risk in the cloud
- Over half (57%) think using the cloud increases compliance
risk
AMSTERDAM, Jan 16, 2018 - (ACN Newswire) -
Gemalto, the world leader in digital security, can today reveal
that while the vast majority of global companies (95%) have adopted
cloud services[1], there is a wide gap in the level of security
precautions applied by companies in different markets.
Organizations admitted that on average, only two-fifths (40%) of
the data stored in the cloud is secured with encryption and key
management solutions.
The findings - part of a Gemalto commissioned Ponemon Institute
"2018 Global Cloud Data Security Study" - found that organizations
in the UK (35%), Brazil (34%) and Japan (31%) are less cautious
than those in Germany (61%) when sharing sensitive and confidential
information stored in the cloud with third parties. The study
surveyed more than 3,200 IT and IT security practitioners worldwide
to gain a better understanding of the key trends in data governance
and security practices for cloud-based services.
Germany's lead in cloud security extends to its application of
controls such as encryption and tokenization. The majority (61%) of
German organizations revealed they secure sensitive or confidential
information while being stored in the cloud environment, ahead of
the US (51%) and Japan (50%). The level or security applied
increases further still when data is sent and received by the
business, rising to 67% for Germany, with Japan (62%) and India
(61%) the next highest.
Crucially, however, over three quarters (77%) of organizations
across the globe recognize the importance of having the ability to
implement cryptologic solutions, such as encryption. This is only
set to increase, with nine in 10 (91%) believing this ability will
become more important over the next two years - an increase from
86% last year.
Managing privacy and regulation in the cloud
Despite the growing adoption of cloud computing and the benefits
that it brings, it seems that global organizations are still wary.
Worryingly, half report that payment information (54%) and customer
data (49%) are at risk when stored in the cloud. Over half (57%) of
global organizations also believe that using the cloud makes them
more likely to fall foul of privacy and data protection
regulations, slightly down from 62% in 2016.
Due to this perceived risk, almost all (88%) believe that the new
General Data Protection Regulation (GDPR), will require changes in
cloud governance, with two in five (37%) stating it would require
significant changes. As well as difficulty in meeting regulatory
requirements, three-quarters of global respondents (75%) also
reported that it is more complex to manage privacy and data
protection regulations in a cloud environment than on premise
networks, with France (97%) and the US (87%) finding this the most
complex, just ahead of India (83%).
Head in the clouds
Despite the prevalence of cloud usage, the study found that there
is a gap in awareness within businesses about the services being
used. Only a quarter (25%) of IT and IT security practitioners
revealed they are very confident they know all the cloud services
their business is using, with a third (31%) confident they
know.
Looking more closely, shadow IT may be continuing to cause
challenges. Over half of Australian (61%), Brazilian (59%) and
British (56%) organizations are not confident they know all the
cloud computing apps, platform or infrastructure services their
organization is using. Confidence is higher elsewhere, with only
around a quarter in Germany (27%), Japan (27%) and France (25%) not
confident.
Fortunately, the vast majority (81%) believe that having the
ability to use strong authentication methods to access data and
applications in the cloud is essential or very important.
Businesses in Australia are the keenest to see authentications put
in place, with 92% agreeing it would help ensure only authorised
people could access certain data and applications in the cloud,
ahead of India (85%) and Japan (84%).
"While it's good to see some countries like Germany taking the
issue of cloud security seriously, there is a worrying attitude
emerging elsewhere," said Jason Hart, CTO, Data Protection at
Gemalto. "This may be down to nearly half believing the cloud makes
it more difficult to protect data, when the opposite is true."
"The benefit of the cloud is its convenience, scalability and cost
control in offering options to businesses that they would not be
able to access or afford on their own, particularly when it comes
to security. However, while securing data is easier, there should
never be an assumption that cloud adoption means information is
automatically secure. Just look at the recent Accenture and Uber
breaches as examples of data in the cloud that has been left
exposed. No matter where data is, the appropriate controls like
encryption and tokenization need to be placed at the source of the
data. Once these are in place, any issues of compliance should be
resolved."
Research methodology
This research was conducted by the Ponemon Institute on behalf of
Gemalto with 3,285 IT and IT security practitioners surveyed across
the US (575), UK (405), Australia (244), Germany (492), France
(293), Japan (424), India (497) and Brazil (355).
Resources
- Visit the 2018 Global Cloud Data Security Study website to
explore regional differences in more detail or download the report.
http://www2.gemalto.com/cloud-security-research/
- Join Gemalto and the Ponemon Institute for a "Top Trends in Cloud
Security" webinar on February 27th - click here to register.
http://bit.ly/2DghoNi
- Learn more about Gemalto's Cloud Data Security solutions.
https://safenet.gemalto.com/cloud-data-security/
- For more Gemalto research on data security.
http://bit.ly/2jqEGna
About Gemalto
Gemalto (Euronext NL0000400653 GTO) is the global leader in digital
security, with 2016 annual revenues of EUR 3.1 billion and
customers in over 180 countries. We bring trust to an increasingly
connected world.
From secure software to biometrics and encryption, our technologies
and services enable businesses and governments to authenticate
identities and protect data so they stay safe and enable services
in personal devices, connected objects, the cloud and in
between.
Gemalto's solutions are at the heart of modern life, from payment
to enterprise security and the internet of things. We authenticate
people, transactions and objects, encrypt data and create value for
software - enabling our clients to deliver secure digital services
for billions of individuals and things.
Our 15,000+ employees operate out of 112 offices, 43
personalization and data centers, and 30 research and software
development centers located in 48 countries.
For more information visit www.gemalto.com, or follow @gemalto on
Twitter.
Gemalto media contacts:
Tauri Cox
North America
+1 512 257 3916
tauri.cox@gemalto.com
Sophie Dombres
Europe Middle East & Africa
+33 4 42 55 36 57 38
sophie.dombres@gemalto.com
Jaslin Huang
Asia Pacific
+65 6317 3005
jaslin.huang@gemalto.com
Enriqueta Sedano
Latin America
+52 5521221422
enriqueta.sedano@gemalto.com
[1] http://bit.ly/2s9C5ku
Press release (PDF):
http://hugin.info/159293/R/2161393/831333.pdf
Picture: http://hugin.info/159293/R/2161393/831334.JPG
Source: Gemalto NV
Copyright 2018 ACN Newswire . All rights reserved.