- Nearly half (48%) of all corporate data is stored in the cloud,
up from a third (35%) three years ago
- Less than half (49%) of organizations are encrypting sensitive
data in the cloud
- Only one-third (32%) of organizations believe protecting data
in the cloud is their responsibility
A new global study from Thales, with research from the
Ponemon Institute, has exposed an increasing disparity between the
rapid growth of data stored in the cloud and an organization’s
approach to cloud security. Although nearly half (48%) of corporate
data is stored in the cloud, only a third (32%) of organizations
admit they employ a security-first approach to data storage in the
cloud.
This press release features multimedia. View
the full release here:
https://www.businesswire.com/news/home/20191008005492/en/
(Photo: Thales)
Surveying over 3,000 IT and IT security practitioners in
Australia, Brazil, France, Germany, India Japan, the United Kingdom
and the United States, the research found that only one in three
(31%) organizations believe that protecting data in the cloud is
their own responsibility.
Increased multi-cloud cloud use, but with risks
With the proliferation of cloud-based services, businesses and
other organizations are increasingly dependent on cloud providers.
In fact, nearly half (48%) of organizations have a multi-cloud
strategy, with Amazon Web Services (AWS), Microsoft Azure and IBM
being the top three. The study found that, on average,
organizations use three different cloud service providers and over
a quarter (28%) are using four or more.
Despite storing sensitive data in the cloud, nearly half (46%)
surveyed revealed that storing consumer data in the cloud makes
them more of a security risk. Over half (56%) also noted that it
posed a compliance risk. In addition, organizations believe that
cloud service providers bear the most responsibility for sensitive
data in the cloud (35%), ahead of shared responsibility (33%) and
themselves (31%). Even though businesses are pushing the
responsibility to cloud providers, only 23% say security is a
factor in selecting them.
“With businesses increasingly looking to use multiple cloud
platforms and providers, it’s vital they understand what data is
being stored and where,” said Larry Ponemon, chairman and
founder of the Ponemon Institute. “Not knowing this information
makes it essentially impossible to protect the most sensitive data
--ultimately leaving these organizations at risk. We’d encourage
all companies to take responsibility for understanding where their
data sits to ensure it’s safe and secure.”
Encryption increasing, but organizations handing over keys to
cloud providers
Roughly half (51%) of businesses and other organizations still
do not use encryption or tokenization to protect sensitive data in
the cloud. The study uncovered regional disparities in terms of
data security, with German organizations being the most advanced in
their use of encryption at 66%.
Organizations are handing over the keys to their encrypted data
to cloud providers. Nearly half of cloud companies (44%) provide
the encryption keys when data is encrypted in the cloud, ahead of
in-house teams (36%) and third parties (19%). On top of this, 53%
are controlling these encryption keys themselves, despite 78%
saying it’s important their organization retains control of the
keys.
Over half of businesses (54%) think cloud storage makes it more
difficult to protect sensitive data, up from 49% last year. More
than 70% believe that data in a cloud environment is harder to
protect due to the complexity of managing privacy and data
protection regulations, while an additional two-thirds (67%) cited
the difficulty of applying conventional security methods in the
cloud.
“This study shows that businesses today are taking advantage of
the opportunities that new cloud options offer, but aren’t
adequately addressing data security,” said Tina Stewart,
vice president of market strategy for cloud protection and
licensing activity at Thales. “Having pushed the responsibility
towards cloud providers, it is surprising to see that security is
not a primary factor during the selection process. It doesn’t
matter what model or provider you choose, the security of your
business’ data in the cloud has to be your responsibility. Your
organization’s reputation is on the line when a data breach occurs,
so it is critical to ensure in-house teams keep a close eye on your
security posture and always retain control of encryption keys.”
For more information, attend our “Global Trends in Cloud
Security: Gaps in Security Persist in a Multi-Cloud World” webinar
taking place on November 7 or visit the 2019 Thales Cloud Security
Study website.
Research methodology
This research was conducted by the Ponemon Institute on behalf
of Thales with 3,667 IT and IT security practitioners surveyed
across the Australia, Brazil, France, Germany, India, Japan, the
United Kingdom and the United States.
Industry insight and views on the latest data security trends
can be found on the Thales blog at blog.thalesesecurity.com.
Follow Thales on Twitter, LinkedIn, Facebook and
YouTube.
About Thales
Thales (Euronext Paris: HO) is a global technology leader
shaping the world of tomorrow today. The Group provides solutions,
services and products to customers in the aeronautics, space,
transport, digital identity and security, and defence markets. With
80,000 employees in 68 countries, Thales generated sales of €19
billion in 2018 (on a pro forma basis including Gemalto).
Thales is investing in particular in digital innovations —
connectivity, Big Data, artificial intelligence and cybersecurity —
technologies that support businesses, organisations and governments
in their decisive moments
PLEASE VISIT Thales Group
Security Download HD photos
View source
version on businesswire.com: https://www.businesswire.com/news/home/20191008005492/en/
Thales, Media Relations Security Constance Arnoux
+33 (0)1 57 77 91 58 constance.arnoux@thalesgroup.com
Thales (EU:HO)
Graphique Historique de l'Action
De Mar 2024 à Avr 2024
Thales (EU:HO)
Graphique Historique de l'Action
De Avr 2023 à Avr 2024