8.Data in the cloud

By Bob Violino  |  Posted 11-23-2011 Print

A study by the Ponemon Institute, sponsored by security technology vendor Vormetric Inc., shows that less than half of the 1,018 U.S.-based IT security practitioners and compliance officers surveyed think their organizations have adequate technology in place to secure their cloud computing infrastructures. The two groups of executives-IT security and compliance-disagree sharply on whether the cloud is as secure as on-premise data centers. They also have differing opinions on who is responsible for cloud data security and what security measures companies should use. Ponemon Institute's report, "Data Security in the Cloud Survey of U.S. IT Operations, IT Security and Compliance Practitioners," surveyed the executives online over a three-week period ending in October 2011. "While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments," says Larry Ponemon, chairman and founder of the Ponemon Institute. What is most troubling, Ponemon says, is that while respondents feel they lack adequate technologies to secure their cloud environments, ownership of security in the cloud is dispersed throughout the organization.


If the data were encrypted, 69% of all the respondents say they would place non-regulated customer data such as purchase history, email address lists and shipping information in the cloud environment. If data were not encrypted, more than half 52% say they would still place this data in the cloud.


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.