ISLANDIA, N.Y., May 12 /PRNewswire-FirstCall/ -- CA, Inc.
(Nasdaq: CA) and the Ponemon Institute, an independent research
firm specializing in privacy, data protection and information
security policy, today announced a study analyzing significant
cloud security concerns that persist among IT professionals when it
comes to cloud services used within their organization.
The study, entitled "Security of Cloud Computing Users," reveals
that more than half of U.S. organizations are adopting cloud
services, but only 47 percent of respondents believe that cloud
services are evaluated for security prior to deployment. Of equal
concern, more than 50 percent of respondents in the U.S. say their
organization is unaware of all the cloud services deployed in their
enterprise today.
"Organizations put themselves at risk if they fail to evaluate
cloud services for security and don't have a view of what cloud
services are in use throughout the business," said Dave Hansen, corporate senior vice president and
general manager for CA's Security business unit. "All parties – IT,
the end user, and management – should be involved in the decision
making process, and need to build guidance around cloud computing
adoption to help their organizations more securely deploy cloud
services."
Findings also showed that there was a substantial concern across
industries in maintaining security for mission critical data sets
and business processes in the cloud. The surveyed IT
practitioners noted that a variety of data sets were still too
risky to store in the cloud:
- 68 percent thought that cloud computing was too risky to store
financial information and intellectual property;
- 55 percent did not want to store health records in the cloud;
and
- 43 percent were not in favor of storing credit card information
in the cloud.
Additional key findings from the study included:
- Less than 30 percent of respondents were confident they could
control privileged user access to sensitive data in the cloud.
- Only 14 percent of respondents believe cloud computing would
actually improve their organization's security posture.
- Just 38 percent of respondents agreed that their organization
had identified information deemed too sensitive to be stored in the
cloud.
The research suggests that IT personnel should take a full
inventory of their organization's cloud computing resources,
closely evaluate cloud providers, and assess the steps taken to
mitigate risks. Going forward, IT should institute policies around
what data is appropriate for cloud use and should evaluate
deployments before they are made.
"These results further underscore the importance of an actively
engaged IT department with the resources and authority to vet cloud
services and vendors prior to deployment," said Dr. Larry Ponemon, chairman and founder, Ponemon
Institute. "Cloud computing applications hold a great deal of
promise for organizations, but regarding their adoption as a fait
accompli and expecting IT to accommodate their use is an approach
fraught with risk, and the implications for information security
and data privacy are potentially dire."
CA and Cloud Security
CA has solutions aimed at extending identity and access
management (IAM) technologies used in the enterprise to the cloud.
It also delivers IAM for cloud providers who need to control access
to their services. In addition, CA is currently developing an
identity and access management offering to be delivered as a cloud
service.
For a copy of the study, please visit
http://ca.com/security/cloud-research.
About the study
The Security of Cloud Computing Users study sampled
642 IT and IT security practitioners in the U.S. during the month
of March, and included both technicians and managers in a wide
range of industries. Respondents on average had 12 years of
experience in the field.
Details of the study also will be discussed at the upcoming CA
World 2010 conference during the Security opening session at
11 a.m. PT, Monday, May 17. For the complete CA World 2010
agenda and registration details, visit http://www.ca.com/caworld.
To join the CA World community on the Web or your mobile device,
visit: http://caworld.ca.com/. You can also:
- Follow @CAInc and @CAWorld2010 on Twitter
- Follow us on LinkedIn
- Join CAInc and CAWorld on Facebook
About Ponemon Institute
The Ponemon Institute is dedicated to advancing
responsible information and privacy management practices in
business and government. To achieve this objective, the Institute
conducts independent research, educates leaders from the private
and public sectors and verifies the privacy and data protection
practices of organizations in a variety of industries.
(Logo:
http://www.newscom.com/cgi-bin/prnh/20090402/NYTH500LOGO
)
About CA
CA (Nasdaq: CA) is an IT management software and solutions
company with expertise across all IT environments – from mainframe
and physical, to virtual and cloud. CA manages and secures IT
environments and enables customers to deliver more flexible IT
services. CA's innovative products and services provide the insight
and control essential for IT organizations to power business
agility. The majority of the Global Fortune 500 rely on CA to
manage their evolving IT ecosystems. For additional
information, visit CA at www.ca.com. Follow CA on Twitter at
www.twitter.com/cainc.
Connect with CA
- CA Social Media Page
- CA Newsletters
- CA Press Releases
- CA Podcasts
- CASecurity Twitter
Legal Notices
Copyright © 2010 CA. All Rights Reserved. One CA Plaza,
Islandia, N.Y. 11749. All trademarks, trade names, service marks,
and logos referenced herein belong to their respective
companies.
|
Press Contacts
|
|
|
|
|
Leanne Agurkis
|
|
|
CA, Inc.
|
|
|
Phone: 386-738-1912
|
|
|
leanne.agurkis@ca.com
|
|
|
|
|
Mike Spinney
|
|
|
Ponemon Institute
|
|
|
Phone: (978) 660-4053
|
|
|
mspinney@ponemon.org
|
|
|
|
SOURCE CA