As enterprises continue to accumulate data, the issue of where to store it all becomes an increasing problem. Many companies utilize the cloud to archive and share information, but not all cloud solutions are created equal. Cloud services are typically free or come with a minimal cost, and offer an easy storage solution. Recently, the security of data stored with cloud services has come into question.
IT pros skeptical of public cloud services
A new study conducted by the Ponemon Institute was released earlier this week that examined perceptions and financial costs of breaches in cloud security. More than 600 IT and security professionals were surveyed about their company's cloud service usage.
The report found that respondents overwhelmingly believe that their organization's high value data is less secure when enterprise cloud service use increases. Participants estimated that when cloud service usage increases by 1 percent, the likelihood of a data breach grows by 3 percent.
The report also revealed that those surveyed felt that due diligence was lacking when it came to the implementation and monitoring of organizations' security programs. Sixty-two percent of respondents did not believe the cloud services used by their company were properly vetted for vulnerabilities before they were deployed. Nearly 70 percent of those surveyed thought their organization was not sufficiently proactive in assessing what information should be stored in the cloud.
A previous study from May conducted by the Ponemon Institute on the cost of a data breach found that the cost of a single lost or stolen record was $201. Using that figure, a breach affecting 100,000 records would cost a company more than $20 million.
Participants estimated that 45 percent of all software applications used by their organization were cloud-based, but half of the apps cannot be seen by the IT department. It was also estimated that 36 percent of apps critical to business functions were in the cloud but, again, nearly half of them weren't visible to IT workers.
"The report shows that while there are many enterprise-ready apps available today, the uncertainty from risky apps is stealing the show for IT and security professionals," said Sanjay Beri, CEO of cloud security firm Netskope. "Rewriting this story requires contextual knowledge about how these apps are being used and an effective way of mitigating risk."
Increasing security with private cloud
Despite the perceived risk, more than half of organizations surveyed still trust cloud providers with sensitive enterprise data. This is most likely due to the fact that organizations using private cloud platforms to store information have an increased amount of privacy and security than those who use public cloud services. Public clouds store the data of all their customers together, creating an environment rife with vulnerabilities and desirable for cybercriminals. It also has the potential for downtime if the demands on the network become too great.
A private enterprise cloud solution provides the same ease of access and ability to share information as public platforms while dramatically decreasing the likelihood of a data breach. An organization's sensitive data is stored on a dedicated server, reducing the chances of information being compromised by operator error. Private clouds also allow companies to make their own security decisions, instead of trusting whatever the service provider has decided to do. Tiered storage structures can be employed, providing more sensitive information with extra security and protection.