UK businesses are unable to identify the risk to 58 percent of the confidential data stored in the cloud and 28 percent of the sensitive information held on site, as highlighted in a recent Ponemon Research survey.
The survey reports less than half of UK organisations have a process for determining the sensitive or confidential data on premise and only a quarter have a process in place for data in the cloud. Not knowing where sensitive or confidential data is located is one of the biggest concerns for half of IT and IT security experts. Expansion of data renders manual processes, custom tools and surveys antiquated for developing accurate and actionable pictures of the sensitive data at risk within organisations. Due to data growth, organisations are relying on automated solutions to help them discover sensitive or confidential data and assess the risk.
Amit Walia, senior vice president and general manager, Data Integration and Security, Informatica said, “To reduce threat exposure and improve breach resiliency, organisations need to invest in data centric security technologies, which enable businesses to enact the need-to-know data access policies that help limit the exposure of sensitive data.”
If an organisation doesn't know the sensitive data that it has on premise, it's then highly unlikely that it will comprehend what it has moved to the cloud for platform or application services.
Dr Larry Ponemon, chairman and founder, Ponemon Institute said, “Whilst businesses are more confident about having data on premise, the shift towards cloud computing is continuing to accelerate and organisations can't afford to be held back by data security concerns. Instead, security practitioners need to get a handle on the classification of data so that they can feel more confident about the information that they are moving to the cloud. Regardless of whether information is held on premise or in the cloud, data governance protocols should be the same.”
The Cloud is believed to not be a safe storage solution for corporate data as found through research conducted by iStorage. Surveyed respondents include a wide range of professionals in the industry. “Cloud technology should only be used to store encrypted, non-sensitive information, “ said John Michael, founder and CEO of iStorage.
“Data protection is only going to grow in importance on the corporate agenda, with the new European General Data Protection Regulation shining a spotlight on the role that all professionals will be expected to play in safeguarding the information that has been entrusted to them and their organisations,” comments John Michael. “Currently there is confusion and a lack of understanding about what this regulation means and the effect that it will have. This must be addressed in advance of the regulation coming into effect, to ensure that all businesses are fully prepared for the data challenges of the future.”