The regulatory requirements that would impress information security pros include the Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley (SOX), or the Federal Information Security Management Act (FISMA).
"Many companies comply with several compliance requirements, and managing these environments to meet compliance regulations can be challenging. Security professionals are focused on making sure that regulatory compliance is considered at the beginning of each cloud initiative", said David Meltzer, vice president of engineering for nCircle.
Only 7% of the 547 respondents said that they outsource more than one-third of their organization’s infrastructure to the cloud, according to the nCircle Cloud Security Trend Study.
"Although cloud adoption is growing, it continues to be a minor part of most organizations' infrastructure", Meltzer noted.
For the third consecutive year, cloud computing was a top security concern of IT professionals, according to the online survey.
"Cloud adoption blurs the boundaries of sensitive data storage, making it far more difficult to control and protect. It's also extremely easy for anyone to provision cloud resources without involving security or IT. It can be difficult to discover all the cloud infrastructure being used on enterprise networks because many traditional IT security tools don't adapt easily to cloud environments", Meltzer added.