Businesses take different approaches to securing clouds
The increased demand for mobile platforms and next-generation applications in the workplace has driven cloud computing adoption in the private sector. A new study commissioned by Thales e-Security and carried out by the Ponemon Institute revealed that approximately 82 percent of companies are either migrating confidential records to cloud-based environments or intend to do so within the next two years.
While the cloud often grants companies the ability to leverage advanced business process management software and other innovative tools, roughly 39 percent of survey respondents said the new technology has also reduced their ability to safeguard confidential data, the study noted.
Ponemon Institute founder and chairman Larry Ponemon asserted that this suggests the cost-reducing benefits of the cloud outweigh potential security concerns of using the technology. However, the steps organizations take to ensure confidential information is protected in the cloud vary between companies.
What are companies doing to safeguard sensitive records?
The survey revealed that using encryption is one of the most efficient ways to keep mission-critical applications and information away from malicious individuals.
“Staying in control of sensitive or confidential data is paramount for most companies today,” Thales e-Security strategy vice president Richard Moulds said. “For any organization that is still weighing the advantages of using cloud computing with the potential security risks of doing so, it is important to know that encryption is one of the most valuable tools for protecting data.”
Although most companies acknowledge the importance of encryption, it doesn’t mean they are applying it. In fact, the study noted that there is practically an even split between businesses that implement encryption before migrating data to the cloud and those that rely on the service provider to do so once information has been moved.
A separate report by Dark Reading confirmed the importance of applying encryption to sensitive data and cloud applications, as hosting resources off-site means having less control over their management.
“The best practices for companies dealing with information has to do with segregating who has what kind of access, deploying encryption in key areas and then severely limiting who has access to the encryption components and data in its unencrypted form,” Cloudswitch CTO John Considine said, according to Dark Reading.
While the cloud offers businesses a variety of new capabilities and advantages, decision-makers need to implement robust security tools to ensure no sensitive records are inadvertently exposed.