A study by the Ponemon Institute, sponsored by security technology vendor Vormetric Inc., shows that less than half of the 1,018 U.S.-based IT security practitioners and compliance officers surveyed think their organizations have adequate technology in place to secure their cloud computing infrastructures. The two groups of executives-IT security and compliance-disagree sharply on whether the cloud is as secure as on-premise data centers. They also have differing opinions on who is responsible for cloud data security and what security measures companies should use. Ponemon Institute's report, "Data Security in the Cloud Survey of U.S. IT Operations, IT Security and Compliance Practitioners," surveyed the executives online over a three-week period ending in October 2011. "While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments," says Larry Ponemon, chairman and founder of the Ponemon Institute. What is most troubling, Ponemon says, is that while respondents feel they lack adequate technologies to secure their cloud environments, ownership of security in the cloud is dispersed throughout the organization.
59% of IT security executives surveyed and 55% of compliance officers surveyed say their organization's internal audit review does not provide feedback on security in the cloud infrastructure environment.
This article was originally published on 11-23-2011