<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcsuuvfw300000gkyg9tnx0uc_3f7v/njs.gif?dcsuri=/index.php/print/c/a/Security/Cloud-Security-Survey-Reveals-Gap-Between-IT-Compliance-Officers-331339/7&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.cioinsight.com&amp;WT.qs_dlk=XRRrgMsvnonrxYI9FegbtgAAAAQ&amp;">

8.Data in the cloud

By Bob Violino  |  Posted 11-23-2011

1.Different opinions

Only one third of IT security executives polled think cloud infrastructure environments such as Infrastructure-as-a-Service (IaaS) are as secure as on-premise data centers, while about half (49%) of the compliance officers polled think IaaS is just as secure.

2.More different opinions

52% of compliance executives surveyed think their organizations have sufficient policies and procedures to enable safe and secure use of cloud infrastructure. Only 34% of IT security executives surveyed think that's that case.

3.Responsibilities

21% of compliance officers polled say they are responsible for defining security requirements in the cloud, while 22% of IT security respondents think business unit leaders are responsible for defining security requirements in the cloud.

4.Lacking technologies

Only one third of IT security practitioners polled (35%) polled think their organizations have adequate technologies to secure their IaaS environments; 43% of compliance officers polled agree.

5.Auditing

59% of IT security executives surveyed and 55% of compliance officers surveyed say their organization's internal audit review does not provide feedback on security in the cloud infrastructure environment.

6.88%

88% of IT security executives surveyed say their organization has firewalls in place to protect sensitive or confidential information placed into cloud environments, while 85% have antivirus/antimalware software in place and 50% have identity and access management.

7.Encryption shortfall

Only 31% of the all respondents say their organization's major cloud providers use encryption to protect data from insider threats.

8.Data in the cloud

If the data were encrypted, 69% of all the respondents say they would place non-regulated customer data such as purchase history, email address lists and shipping information in the cloud environment. If data were not encrypted, more than half 52% say they would still place this data in the cloud.

9.Increasing budgets

On average, about 20% of the IT budget in organizations participating in the study is allocated to cloud services. This is expected to increase to about 31% over the next 12 to 24 months.

10.56%

More than half (56%) of IT practitioners say that security concerns will not keep their organizations from adopting cloud services.