Welcome!

SDN Journal Authors: Elizabeth White, Pat Romanski, TJ Randall, Yeshim Deniz, Liz McMillan

Related Topics: @CloudExpo, Java IoT, Linux Containers, Cloud Security, Government Cloud, SDN Journal

@CloudExpo: Blog Feed Post

PerspecSys Survey Reveals Cloud-based Security Concerns for 2014

Companies need to be more proactive with cloud security

Today PerspecSys announced the results of a survey conducted at the 2014 RSA Conference concerning the attitudes and policies of organizations towards cloud-based security. After polling 130 security professionals on the show floor of the RSA Conference, PerspecSys found that "an overwhelming 74 percent believe security for cloud-based data in 2014 will be a bigger concern than securing data on-premise. In fact, 66 percent of security pros still view the cloud as more difficult to secure than on-premise options."
The survey found the following opinions concerning cloud security:

  • 66% felt that cloud-based data is much more difficult to secure than on the premises
  • 18% felt that securing data on the cloud is no different than securing data on the premises
  • 16% felt that cloud-based data is less difficult to secure than on the premises

When asked if their organization has security protocols in place for cloud applications:

  • 69% answered yes
  • 31% answered no

The survey asked if their organizations allow employees to access corporate cloud environments from their personal mobile devices:

  • 54% said yes, we have a policy to follow
  • 28% said no, but employees do it anyway
  • 17% said no, we are not allowed or unable to access corporate cloud environments

When asked does your organization use encryption or tokenization technologies to secure sensitive information in the cloud:

  • 36% use encryption
  • 34% don't use encryption or tokenization
  • 24% use encryption and tokenization
  • 6%   use tokenization

The survey also questioned if revelations regarding the government's access to cloud data change their willingness to employ cloud services:·         44% said that it had no effect·         28% said they are less likely to use the cloud·         25% said they are more likely to use the cloud·         4%   said regardless, they will never use the cloud

Companies need to be more proactive with cloud security
Although consumers are definitely shifting towards cloud applications, the survey results revealed that many organizations still need to take the proper steps to secure their cloud-based data. PerspecSys has concluded that:

  • "Almost 31 percent of respondents do not allow employees to access cloud applications such as Salesforce and DropBox from their mobile devices, but indicate employees do it anyway."
  • "34 percent of organizations do not encrypt or use tokenization in the cloud."
  • "31 percent of organizations do not have any significant security protocols in place for employees using cloud applications."

David Canellos, the CEO of PerspecSys, reports that "through the poll data, as well as the results of hundreds of conversations we had at our exhibition booth, we were surprised to see how few companies are putting protocols in place for employees using cloud apps, as they are nearly ubiquitous as productivity enhancers and can hold important data that an organization has a vested interest in protecting. The data reinforces that simply blocking access isn't an option, it's time to be proactive and put long trusted security tools such as encryption and tokenization in place to make sure that no matter where your data is, it is protected."

Stephen Kleynhans, research vice president of Gartner's, stated in "How the Personal Cloud Impacts IT Organizations" published on February 6, 2014 that "enterprises must establish policies to manage the use of consumer-grade personal cloud tools, ensuring that appropriate information security and compliance controls aren't being overlooked. IT organizations must also actively survey the user base to understand the motivation behind the tools' use and ensure that advantageous functionality hasn't been missed as part of official IT-supported enterprise user environments. IT organizations need to look for places where consumers are using personal cloud services and related apps, and understand the motivations, realizing there may be significant business value that has been missed by IT."

PerspecSys found that although NSA was a major discussion subject at the 2014 RSA Conference, almost half of those surveyed did not feel the recent headlines and media attention regarding government had any effect on their use of the cloud.

About PerspecSys
PerspecSys Inc. is a leading provider of cloud data control solutions that enable mission critical cloud applications to be adopted throughout the enterprise. PerspecSys gives organizations the ability to understand how employees are using cloud applications and take the necessary steps to protect sensitive information before it leaves the network. By removing the technical, legal and financial risks of placing sensitive data in the cloud, PerspecSys makes the public cloud private. Based in Toronto, PerspecSys Inc. is a privately held company backed by investors, including Intel Capital, Paladin Capital and Ascent Venture Partners. For more information please visit www.perspecsys.com and follow them on Twitter @PerspecSys.

Bookmark and Share

Cloud Musings

(Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2012)

Read the original blog entry...

More Stories By Kevin Jackson

Kevin Jackson, founder of the GovCloud Network, is an independent technology and business consultant specializing in mission critical solutions. He has served in various senior management positions including VP & GM Cloud Services NJVC, Worldwide Sales Executive for IBM and VP Program Management Office at JP Morgan Chase. His formal education includes MSEE (Computer Engineering), MA National Security & Strategic Studies and a BS Aerospace Engineering. Jackson graduated from the United States Naval Academy in 1979 and retired from the US Navy earning specialties in Space Systems Engineering, Airborne Logistics and Airborne Command and Control. He also served with the National Reconnaissance Office, Operational Support Office, providing tactical support to Navy and Marine Corps forces worldwide. Kevin is the founder and author of “Cloud Musings”, a widely followed blog that focuses on the use of cloud computing by the Federal government. He is also the editor and founder of “Government Cloud Computing” electronic magazine, published at Ulitzer.com. To set up an appointment CLICK HERE

CloudEXPO Stories
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
Historically, some banking activities such as trading have been relying heavily on analytics and cutting edge algorithmic tools. The coming of age of powerful data analytics solutions combined with the development of intelligent algorithms have created new opportunities for financial institutions. In his session at 20th Cloud Expo, Sebastien Meunier, Head of Digital for North America at Chappuis Halder & Co., discussed how these tools can be leveraged to develop a lasting competitive advantage in priority areas: customer analytics, financial crime prevention, regulatory compliance and risk management.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
According to the IDC InfoBrief, Sponsored by Nutanix, “Surviving and Thriving in a Multi-cloud World,” multicloud deployments are now the norm for enterprise organizations – less than 30% of customers report using single cloud environments. Most customers leverage different cloud platforms across multiple service providers. The interoperability of data and applications between these varied cloud environments is growing in importance and yet access to hybrid cloud capabilities where a single application runs across clouds remains elusive to most organizations. As companies eagerly seek out ways to make the multi cloud environment a reality, these new updates from Nutanix provide additional capabilities to streamline the implementation of their cloud services deployments.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secures more than 4,000 modern applications for its Enterprise customers around the world.