Cloud Security Doubted By Most IT Executives

Two-thirds of IT pros don't believe they can secure cloud

Dark Reading Staff, Dark Reading

November 3, 2011

2 Min Read
Dark Reading logo in a gray background | Dark Reading

My Mistake: 10 CIOs Share Do-Over Worthy Moments

My Mistake: 10 CIOs Share Do-Over Worthy Moments


Slideshow: My Mistake: 10 CIOs Share Do-Over Worthy Moments (click image for larger view and for slideshow)

Enterprises are using cloud infrastructures, but they aren't very confident in their ability to secure them, according to a study published Wednesday.

Fewer than half of enterprises believe their organizations have adequate technologies to secure their cloud infrastructures, according to a survey of 1,000 IT security practitioners and enterprise compliance officers conducted by the Ponemon Institute and sponsored by encryption vendor Vormetric.

According to the report, "Data Security in the Cloud Survey of U.S. IT Operations, IT Security, and Compliance Practitioners," only one-third of IT security practitioners believe cloud infrastructure as a service (IaaS) environments are as secure as on-premises datacenters, while half of compliance officers think IaaS is as secure.

Twenty-one percent of compliance officers said they are responsible for defining security requirements, but 22% of IT respondents think this responsibility belongs to business unit leaders.

Fewer than a third of respondents said they encrypt data in the cloud. IT practitioners said encryption should be used to make data unreadable by cloud service providers, but compliance officers said encryption should be used to enforce separation of duties to prevent IT administrators from accessing data they do not need to perform their jobs.

"While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments," said Larry Ponemon, chairman and founder of the Ponemon Institute.

Read the rest of this article on Dark Reading.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights