Gartner SaaS Report: Sensitive Data Requires Policy Coordination
Organizations that use a software as a service (SaaS) platform for data are more likely to use it for sensitive data than for mission-critical data, according to a new report from IT research firm Gartner.
The study, based on a survey of 425 respondents from IT risk management disciplines in the United States, United Kingdom, Germany and Canada, shows that organizations take different approaches to risk management when they face a need or opportunity to share data with different types of external parties. Compared with platform as a service (PaaS) or infrastructure as a service (IaaS), organizations were about 30 percent more likely to have a policy against putting sensitive data into SaaS (26 percent), and about 45 percent more likely to have a policy against putting it into outsourced data centers (29 percent).
However, the report found only 57 percent of IaaS/PaaS buyers are using a questionnaire to support their risk assessment. Unlike for SaaS, the form is more likely to be proprietary -- unique to the buyer's organization -- and less likely to be based on industry standards. Just 36 percent of respondents said they had a policy against putting mission-critical data into an outsourced data center, with 29 percent saying this policy applied to SaaS, with only 22 percent saying it applied to IaaS/PaaS.
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...Watch Now
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...Watch Now
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...Watch Now