How many blog posts in a row can start with the phrase “less than half”? At least two… :o)
We’ve covered the growth of cloud adoption several times, especially in eDiscovery, including here and here. However, according to a new survey from Ponemon, organizations apparently aren’t adopting appropriate governance and security measures to protect sensitive data in the cloud.
In the article Ponemon: Cloud Adoption Grows as Security Lags (written by Tara Seals), 73% of respondents to the survey indicated that cloud-based services and platforms are important to their organization’s operations, and 81% of respondents said they will be more so over the next two years. Not only that, but 36% of respondents said their companies’ total IT and data processing needs were met using cloud resources today and that number is expected to rise to 45% over the next two years!
Unfortunately, 54% of the respondents said their companies do not have a proactive approach to managing security and complying with privacy and data protection regulations in cloud environments, indicating that their organizations are not careful about sharing sensitive information in the cloud with third parties such as business partners, contractors and vendors. These are the challenges listed:
- Difficulty in controlling or restricting end-user access, which increased from 48% in 2014 to 53% of respondents in 2016;
- Inability to apply conventional information security in cloud environments (70% of respondents);
- Inability to directly inspect cloud providers for security compliance (69% of respondents);
- Shadow IT is also a problem – nearly half (49%) of cloud services are deployed by departments other than corporate IT and an average of 47% of corporate data stored in cloud environments is not managed or controlled by the IT department.