A recent survey of 643 IT and IT security practitioners in the U.S. and Canada found that fully 48 percent of respondents don’t inspect the cloud for malware, and another 12 percent are unsure whether they do or not.
Notably, among those that do inspect, 57 percent say they have found malware.
The survey, sponsored by Netskope and conducted by the Ponemon Institute, also found that while 49 percent of business applications are now stored in the cloud, just 45 percent of those applications are known, sanctioned or approved by IT.
“These data confirm that while cloud adoption is very much on the rise, organizations still lack confidence in the cloud’s ability to protect sensitive information,” Netskope founder and CEO Sanjay Beri said in a statement.
“With the rise of cloud threats like accidental data exposure, malware and ransomware aimed at exfiltrating data and extracting financial gain from sensitive data, IT teams need more robust intelligence, protection, and remediation to protect their data from breach or loss,” Beri added.
While more than half of respondents said the use of cloud services significantly increases the likelihood of a data breach, almost 20 percent are unable to determine whether they’ve experienced a breach or not.
Among the 31 percent of companies that did experience a data breach in the past year, 48 percent said the breach occurred when a user exposed data from a cloud service, either intentionally or accidentally. A quarter don’t know how the breach occurred, however, and 30 percent don’t know what data may have been lost or stolen.
Respondents’ leading concerns about cloud security risks are loss of control over the security of data and end user actions (49 percent), loss or theft of intellectual property (47 percent), and compliance violations (39 percent).
A separate Blancco Technology Group survey of more than 290 IT professionals in the U.S., Canada, Mexico, U.K., Germany, France, India, Japan and China found that 26 percent of respondents are either not confident or somewhat confident about their IT teams’ knowledge of the use of all cloud storage providers.
Twenty-one percent of respondents said they store a combination of the following types of data in the cloud: B2B customer information, company information, employee information, and B2C customer information.
Fifteen percent of respondents rarely or never conduct audits of cloud providers that store their corporate data, even though 40 percent of respondents believe storing corporate data in a cloud environment increases their compliance risk.
Sixteen percent of respondents said they don’t know what security precautions they would take to prevent data loss or theft when decommissioning or shutting down a cloud/virtual server.
“Whenever storing data offsite with a cloud provider, organizations must be diligent in knowing where their data is being stored, how it’s being protected and when it needs to be removed (in the case of migrating data to a new vendor or consolidating data centers, for example),” Blancco Technology Group chief strategy officer Richard Stiennon said in a statement.
A recent eSecurity Planet article suggested six questions to ask yourself about your cloud security.
