The latest Thales eSecurity and Ponemon Institute survey, which had a total of 5,252 respondents, has revealed that organizations are seeking encryption as a solution to meet data security needs and to address compliance concerns regarding the soon to be established European General Data Protection Regulation (GDPR).
It was found that 43% of organizations have an encryption strategy implemented throughout the entire enterprise and 39% encrypt in public cloud services, which is an increase of 11% from 2017.
Other key stats from the survey include:
- 84% of respondents said they either use the cloud for both sensitive and non-sensitive applications and data today, or that they plan to do so in the next 12-24 months
- Almost half (49%) of companies said they are either partially or extensively deploying encryption of IoT data on IoT devices and platforms
- Some 39% of organizations are encrypting in public cloud services, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud
It’s unfortunate when almost every data breach headline places the blame on the organization for not taking appropriate measures to secure sensitive information, especially when it involves the cloud. With the latest survey results, it is positive to see organizations taking data security seriously and with encryption adoption rates looking set to increase further, this can only bode well in building the trust between customers and enterprises.
In relation to using cloud services, it’s important to understand who is responsible for safeguarding the data. Under GDPR, the organization will be held accountable for the security of the data, not the cloud provider. Therefore, IT personnel need to be flying the encryption banners when seeking solutions that both secure the data and meet GDPR compliance requirements. The encryption keys also need to be handled securely within the organization itself and not stored offsite or in the cloud. This ensures that even if cloud data is compromised by cybercriminals, the means to decrypt that information is kept safe and hackers are left with useless data.