Study: Sensitive Data Still Placed in Cloud

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A cloud security study commissioned by IAM firm Symplified found that despite security risks, one third of enterprises store highly sensitive data in the public cloud, If anything, the findings reveal a glaring security gap between what users know they need and what they actually have. And partners will likely be called upon to fill those gaps as cloud adoption swells.

Yes, we all know the risks of eating junk food, smoking and not wearing seat belts. And yet, so many of us ignore the risks, often because we think that the consequences somehow won’t catch up to us.

The same mentality applies to security. A cloud study conducted by identity and access management services firm Symplified revealed that despite overwhelming security concerns, one third of enterprises place highly sensitive data in the public cloud.

Related articles

Specifically, the findings were generated from an independent August 2012 study, titled “Access Management for the Extended Enterprise: A Timely Challenge,” conducted by Forrester Consulting and commissioned by Symplified.

Among the most significant findings was that while most enterprises had security concerns about the cloud, nearly a third of them already were storing their sensitive data, such as regulated financial (34 percent) and healthcare information (29 percent) in SaaS apps.

However, the study also showed that cloud security is becoming increasingly top of mind. And even when users are aware of the risks, implementing comprehensive identity and access management solutions still might be easier said than done. Nearly half of respondents doubt that their existing IAM infrastructure will be able to support cloud applications or provide single sign-on as a security mechanism. Altogether, 52 percent of enterprises say they were very concerned or somewhat concerned that their infrastructure was not current enough to support cloud IAM protocols.

Meanwhile, 38 percent say they have strong concerns that their existing IAM infrastructure was not compatible with their cloud IAM solution. And another 52 percent of enterprises say that they are concerned that their access request processes didn’t fit with their cloud IAM solution.

“This survey reveals that enterprises recognize the need for cloud identity and access management, but they’re concerned about their ability to integrate these capabilities within existing infrastructures,” said Brian Czarny, vice president of marketing for Symplified. “It’s also clear that supporting non-SAML apps is a big challenge, and that organizations want the ability to choose between cloud-based and on-premises security options.”

Perhaps once upon a time, cloud security -- and especially niche cloud solutions such as IAM mechanisms -- were pushed to the back burner as companies rabidly adopted cloud infrastructure to cut costs, increase productivity and accelerate efficiencies.

However, along with aggressive cloud adoption came an increasing number of high profile data breaches.

Earlier this summer, Wired reporter Mat Honan appeared to be on the receiving end of one such breach when a hacker infiltrated his iCloud account – possibly using a brute force attack --  in order to remote wipe all of his devices, including his iPhone, iPad and MacBook Air.

And a spate of attacks and compromises against online cloud storage and collaboration firm DropBox also served to underscore potential security risks -- further highlighted over the summer when an employee’s account was hacked in an effort to obtain customer e-mail addresses.

Granted, cloud security breaches are still relatively small in number, as the platform is still gaining ground and finding its place in a rapidly evolving market.

But if anything, the survey indicates that more users have a growing awareness of security issues associated with the cloud. That said, there remains a glaring security gap between what users know they need and what they actually have.

And that’s where the channel can clearly come in. The disparity between what users have and what they want sets the stage for partners to make an entrance with customers by conducting assessments on where they fall short in cloud security infrastructure.

From there, it’s not a far stretch for partners to introduce cloud security and access management solutions that integrate with existing infrastructure and interoperate with other systems. And that also paves the way for a host of related cloud-based IAM services that will serve to stretch their portfolios, and ultimately hike up their relevance in the market as cloud adoption continues to swell.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Uncategorized
basis smartwatch intel peak

Survey: Wearable Tech and in-home IoT Devices Set to Rise

Wearable tech to become more mainstream over the next five years

A syringe with a cash injection

Nutanix Secures $140 million in Funding

Nutanix preparing for IPO in next 12 months with second round of funding in 2014

persuasive-links

Continuum and Fiberlink Develop Relationship with MDM Solution

Continuum and IBM's Fiberlink add new modules to MDM solutions in attempt to entice MSPs

Apple iWatch Launch Just Two Weeks Away - Report

Long-awaited 'iWatch' rumored to coincide with iPhone 6 launch

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
healthy-heart

Microsoft Getting Healthy, Thanks to Consumers

Is it time to take the software giant off the watch list of tech companies in distress, at least on the consumer side, asks Larry Walsh

John Murdock - Kaspersky Lab

Vendor Q&A Series: John Murdock, Kaspersky Lab

The latest executive to sit in the channelnomics hotseat is John Murdock, Vice President, Channel Sales, Kaspersky Lab North America

Broken heart

An amicable split?

Where will HP and Symantec's conclusion that the sum of their parts is greater than the whole leave partners?

elvis67878787

Suspicious minds in the post-Snowden world

Investment in new technologies being avoided with security experts wary of cloud and new technologies post-Snowden