54% of UK Firms Keep Sensitive Data in the Cloud

When it comes to UK cloud use, a full 54% of businesses keep sensitive data there—but considering that 80% of them use cloud in general, it’s clear that security remains a genuine concern and a major stumbling block for many.

Since cloud computing has the potential to give businesses additional speed, agility and flexibility, the majority of enterprises are already using cloud environments. In fact, IDC predicts that, by next year, there will be an 11% shift of IT budget away from traditional in-house IT delivery toward various versions of new cloud delivery models.

But, according to Vormetric’s Cloud and Big Data edition of our 2015 Insider Threat report, in the U.K., cloud environments (39%) are now considered to present more of a risk to enterprise organizations than databases (38%) and file servers (33%). Equally, it shows how the incorporation cloud computing technology use has entered mainstream business practices.

The firm added that the high-profile server level breaches that took place throughout 2013 and 2014—affecting the likes of Yahoo!, Ubisoft, eBay and Paddy Power—have served to trigger a change in this area of data security.

A report issued by the European Union Agency for Network and Information Security (ENISA) dovetails with the finding—it confirmed that the adoption of cloud computing in the public sector alone across the European Union is being considerably held back by worries over how sensitive data can be secured.

“There is little doubt that fear and a hyper-awareness of recent high-profile data breaches are slowing implementation and adoption of these platforms,” said Darren Harmer, a consultant with Vormetric, in a blog.

He added, “This reticence is echoed in the private sector where even the likes of Volkswagen have openly acknowledged that they will not use the cloud due to these same unresolved issues around data privacy and the associated regulatory headaches they bring.”

That said, a promising statistic from the report is that more than half of the respondents worldwide would be more willing to use cloud services if the provider offers data encryption with key access control.

“The time has come to act and to see data security as a business enabler,” said Harmer. “Fortunately it seems this message is starting to hit home…Looking to data-centric security solutions that offer policy-based separation of duties is crucial. Not only do they prevent cloud administrators, root users and other network system admins from abusing their privileged status or falling victim to APT attacks and other sophisticated malware, they also provide visibility into what is happening to sensitive information as it moves throughout the network, and across the various working or storage environments.”

What’s Hot on Infosecurity Magazine?