3.ResponsibilitiesBy Bob Violino
Only one third of IT security executives polled think cloud infrastructure environments such as Infrastructure-as-a-Service (IaaS) are as secure as on-premise data centers, while about half (49%) of the compliance officers polled think IaaS is just as secure.
2.More different opinions
52% of compliance executives surveyed think their organizations have sufficient policies and procedures to enable safe and secure use of cloud infrastructure. Only 34% of IT security executives surveyed think that's that case.
21% of compliance officers polled say they are responsible for defining security requirements in the cloud, while 22% of IT security respondents think business unit leaders are responsible for defining security requirements in the cloud.
Only one third of IT security practitioners polled (35%) polled think their organizations have adequate technologies to secure their IaaS environments; 43% of compliance officers polled agree.
59% of IT security executives surveyed and 55% of compliance officers surveyed say their organization's internal audit review does not provide feedback on security in the cloud infrastructure environment.
88% of IT security executives surveyed say their organization has firewalls in place to protect sensitive or confidential information placed into cloud environments, while 85% have antivirus/antimalware software in place and 50% have identity and access management.
Only 31% of the all respondents say their organization's major cloud providers use encryption to protect data from insider threats.
8.Data in the cloud
If the data were encrypted, 69% of all the respondents say they would place non-regulated customer data such as purchase history, email address lists and shipping information in the cloud environment. If data were not encrypted, more than half 52% say they would still place this data in the cloud.
On average, about 20% of the IT budget in organizations participating in the study is allocated to cloud services. This is expected to increase to about 31% over the next 12 to 24 months.
More than half (56%) of IT practitioners say that security concerns will not keep their organizations from adopting cloud services.