For many businesses, cloud computing presents a great opportunity to make the most of bigRead More
Many firms still struggling to secure cloud-based data
For many businesses, cloud computing presents a great opportunity to make the most of big data, as the technology allows them to access storage and processing resources that may otherwise be beyond their reach.
But if they are going down this route, they must take steps to ensure any sensitive data they transfer to the cloud is secure – and this is something that is proving to be a challenge for a large number of firms.
A recent study conducted by Gemalto and the Ponemon Institute found that although 73 per cent of enterprises currently regard cloud-based platforms as important to their current operations, fewer than half of IT security professionals are confident in the security of their solutions.
Some 54 per cent of respondents did not agree their companies have a proactive approach to managing security, or ensuring that their cloud solutions comply with privacy and data protection regulations.
Additionally, 56 per cent did not agree their organisation is careful about sharing sensitive information in the cloud with third parties such as business partners, contractors and vendors.
This is despite the fact that a growing amount of data, ranging from customer information to payment records, is stored or processed in the cloud. In 2014, 53 per cent of businesses held customer data in the cloud, but this has increased to 62 per cent today. The majority of respondents (53 per cent) also consider this information to be most at risk.
Dr Larry Ponemon, chairman and founder or the Ponemon Institute, said that cloud security "continues to be a challenge for companies, especially in dealing with the complexity of privacy and data protection regulations".
He added: "To ensure compliance, it is important for companies to consider deploying such technologies as encryption, tokenisation or other cryptographic solutions to secure sensitive data transferred and stored in the cloud."
This is something many firms are currently failing to do. The survey showed only a third of businesses (34 per cent) using Software-as-a-Service solutions currently encrypt or tokenise sensitive data that is being transferred to the cloud.
One common concern was that conventional security practices do not apply when dealing with the cloud, which means firms may have to adapt their approach to activities such as big data analytics. Seven out of ten firms (70 per cent) cited this as a challenge, while 69 per cent stated the fact they cannot directly inspect cloud providers for security compliance is a problem.
Jason Hart, vice-president and chief technology officer for data protection at Gemalto, commented that although organisations have embraced the cost and flexibility benefits of the cloud, it is clear that many businesses are still struggling to maintain control of their data in this environment.
"It's quite obvious security measures are not keeping pace because the cloud challenges traditional approaches of protecting data when it was just stored on the network," he continued. "It is an issue that can only be solved with a data-centric approach in which IT organisations can uniformly protect customer and corporate information across the dozens of cloud-based services their employees and internal departments rely on every day."