The transition to corporate cloud computing over the past few years has been intense. More and more companies are looking to the cloud as a method of providing employees, consultants and others with real time access to key corporate network resources and applications. This allows them to stay connected to applications whether on the road, working from a client site or their home office. While companies have been focused on leveraging the benefits of the cloud, it seems far fewer have been as focused on managing the security risks and other challenges the cloud presents.
During the 2014 RSA Conference, an informal survey was conducted of 130 corporate security professionals to identify their personal attitudes towards company security and use policies governing cloud security. The results were interesting and in some cases surprising. To provide additional insights into how companies are managing the cloud, we have provided a summary of key findings below.
Key Findings from the RSA Survey
Cloud Security – 74% of participants surveyed believe that cloud based data security will be a higher priority than on premise data security in 2014.
Cloud Security Challenges – 66% of participants surveyed find that data protection in the cloud is much more difficult than on premise applications and data security.
Cloud Security Protocols – 69% of participants affirmed their companies have a cloud security protocol that is followed. The other 31% of participants indicated there is no uniform security protocol currently in place. The 31% seems to be a surprisingly high number given the data breaches recently suffered by large retail companies.
Personal Device Cloud Access – 54% of participants surveyed indicated they do allow employees to access cloud based applications and data from personal devices. However, these participants also indicated the company has a policy governing access rules which employees must follow.
Encryption or Tokenization Security – 34% of participants indicated they do not use encryption or tokenization to provide additional security to protect sensitive financial or other information in the cloud.
Government Access to Data – 44% of participants surveyed indicated that recent revelations about government access to cloud data have had no impact on their decision to work in the cloud. 28% of participants surveyed indicated they are less likely to use the cloud due to government access. 4% of participants surveyed indicated they will never use the cloud regardless of government data access.