Worries about cloud and security have been an issue from the very moment the option to host data off-site emerged as an option for customers.
Initially those fears were quite knee jerk around questioning just how safe data was that no longer resided behind the protection of the corporate firewall.
But as the knowledge of cloud computing increases and the compliance regulations become ever more wider in their scope the challenge now is for users to be able to pinpoint where their data resides and to be able to prove that it is safe.
Last week The Cloud Industry Forum found that users were increasingly worried that their data was shoved into the cloud and left unencrypted open to potential attacks.
Speaking at the time John Michael, founder and CEO of iStorage, said that cloud technology made life easier for mobile workers, “but it’s certainly not without its risks; it really should only be used to store encrypted, non-sensitive information”.
“Ultimately, the cloud concept refers to a physical data centre and as such users are very much reliant on trusting cloud providers to protect any information that they store in this way,” he added.
That CIF research has been followed up quickly by more evidence from Informatica that determining just where data is and how well it is protected is becoming more of an issue for customers.
The headline findings were that customers were unable to determine the risk to half of their data stored in the cloud as well as just shy of a third of the info that was held on-premise.
Not knowing where confidential information is being stored is clearly a major headache for customers and something that the channel will need to address head-on when proposing a cloud service.
Resellers are already aware that even with the boundaries nature of the cloud customers still like to buy from a local supplier and be given the option of visiting the data centre where their information is being stored.
“As the research shows, the majority of organisations do not have a handle on their sensitive data, regardless of whether it exists on premise or in the cloud. However, because businesses have less confidence in their understanding of sensitive data then they perceive more risk,” said Amit Walia, senior vice president and general manager, data integration and security, Informatica.
“To reduce threat exposure and improve breach resiliency, organisations need to invest in data centric security technologies, which enable businesses to enact the need-to-know data access policies that help limit the exposure of sensitive data,” added Walia.
Cloud data worries
Overall, 30% of the sensitive or confidential data located in the cloud is believed to be at risk.
Despite respondents being more concerned about data security in the cloud than they are about data on-premise, only 32% of organisations have a common process for assessing the threats, creating a blind spot in security.
Overall, 54% of respondents admit they are not confident in their ability to proactively respond to a new threat in the cloud highlighting that data growth and proliferation from, and within, the cloud raises security and privacy risks if not carefully understood and managed.
The survey was undertaken for Informatica by the Ponemon Institute and its chairman and founder Dr Larry Ponemon chipped in with his take on what was happening out in customer land.
“The survey highlights that whilst organisations continue to fear cyber attacks, what really keeps them up at night is the unknown. Namely not knowing where data is and the associated risk to it,” he said.
“The shift towards cloud computing is continuing to accelerate and organisations can’t afford to be held back by data security concerns. Instead, security practitioners need to get a handle on the classification of data so that they can feel more confident about the information that they are moving to the cloud. Regardless of whether information is held on premise or in the cloud, data governance protocols should be the same,” he added.
For the channel the hands on local approach might be just the alternative that some customers worried about dumping data with a public cloud service are looking for. Those suppliers that continue to be vague about exactly where the data is stored will find more questions being asked by users.
Informatica helps bring real-time, query-based analytics reporting to employees