Majority of Businesses Leave Sensitive Data Unprotected in the Cloud

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

A recent survey of more than 4,000 organizations worldwide has found that more than half of respondents say their sensitive data is "readable" and unprotected when stored in the cloud.

The survey, entitled "Encryption in the Cloud," was sponsored by Thales and conducted by the Ponemon Institute.

Despite the lack of security, more than half of all respondents say their organization already transfers sensitive data to the cloud.

Only 11 percent say their organization has no plans to use the cloud for sensitive operations.

At the same time, 35 percent of respondents do consider themselves knowledgeable about the security practices of their cloud providers, up from 29 percent two years ago.

And when data is encrypted in the cloud, 34 percent of respondents say their own organization is in control of the encryption keys. Only 18 percent say the cloud provider has full control over the keys.

"Staying in control of sensitive or confidential data is paramount for most organizations today and yet our survey shows they are transferring ever more of their most valuable data assets to the cloud," Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. "It is perhaps a sign of confidence that organizations with the highest overall security posture were most likely to use the cloud for operations involving sensitive data, and it is encouraging to find that significantly fewer respondents believe that use of the cloud is weakening their security posture."

"However, there are still concerns that many organizations continue to believe that their cloud providers are solely responsible for protecting their sensitive data, even though the majority of respondents claim not to know what specific security measures their cloud provider is taking," Ponemon added.

The full survey results are available here.