Who oversees security in the cloud? The cloud provider? The cloud user? Or is it both? Either way, there seems to be an air of uncertainty when it comes this critical responsibility.
The latest findings from the Ponemon Institute report “2018 Global Cloud Data Security Study” surveyed IT security professionals to gain insight into the key trends in data governance and security practices for cloud-based services; and the results don’t make for positive reading.
The most alarming revelation uncovered by the report was the fact that organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. It also revealed that organizations in the UK (35%), Brazil (34%) and Japan (31%) showed less caution than their German counterparts (61%) when sharing sensitive and confidential data stored in the cloud with third parties.
Cloud data security is clearly not being taken seriously - and worryingly it seems to be on a global scale. This leaves both the organizations and their customers’ critical information exposed to the risk of attack.
With the GDPR only a matter of months away, enterprises that operate in Europe and process European citizens’ information must get up to speed pretty quickly. Otherwise, the punishment for such negligence and non-compliance will result in fines of up to 20 million euros or 4% of the organizations global annual turnover.
Thankfully, the findings weren’t all doom and gloom, with over three quarters (77%) of organizations around the globe recognizing the need of having and implementing security solutions such as encryption. This is further backed by the fact 91% of respondents believe this security requirement will become vital in the next two years.
It is a clear indication that there could be light at the end of the online tunnel, especially with security professionals understanding the need for security solutions, such as encryption, to help reduce the overall impact of laws such as GDPR to their company.