Processing and storage of data in the cloud has become more and more common. Against this backdrop, securing data in the cloud has also become critical. While end users in different markets across the globe realize this point, a recent survey shows that the level of security applied to data in the cloud varies from country to country.
The research was conducted by the Ponemon Institute on behalf of
Gemalto, with 3,285 IT and IT security practitioners surveyed across the U.S. (575), U.K. (405), Australia (244), Germany (492), France (293), Japan (424), India (497) and Brazil (355).
The study reveals that while the vast majority of global companies (95 percent) have adopted cloud services, there is a wide gap in the level of security precautions applied by companies in different markets. In particular, German businesses are almost twice as likely to secure confidential or sensitive information in the cloud (61 percent) than British (35 percent), Brazilian (34 percent) and Japanese (31 percent) organizations, the numbers show.
The study further shows that Germany’s lead in cloud security extends to its application of controls such as encryption and tokenization. The majority (61 percent) of German organizations revealed they secure sensitive or confidential information while being stored in the cloud environment, ahead of the U.S. (51 percent) and Japan (50 percent), the poll shows.
Also according the survey, about half of respondents say that payment information (54 percent) and customer data (49 percent) are at risk when stored in the cloud. Due to this perceived risk, almost all (88 percent) believe that the new General Data Protection Regulation (GDPR) to be implemented in Europe will require changes in cloud governance, the survey shows.
Complexity of cloud data protection
Meanwhile, the survey reveals that three-quarters of global respondents (75 percent) think it is more complex to manage privacy and data protection regulations in a cloud environment than on premise networks, with France (97 percent) and the U.S. (87 percent) finding this the most complex, just ahead of India (83 percent).
The study also found that there is a gap in awareness within businesses about the services being used. Only a quarter (25 percent) of IT and IT security practitioners revealed they are very confident they know all the cloud services their business is using, with a third (31 percent) confident they know, the survey shows.
Upon closer examination, over half of Australian (61 percent), Brazilian (59 percent) and British (56 percent) organizations are not confident they know all the cloud computing apps, platform or infrastructure services their organization is using, while confidence is higher elsewhere, with only around a quarter in Germany (27 percent), Japan (27 percent) and France (25 percent) not confident.
According to the study, the vast majority (81 percent) believe that having the ability to use strong authentication methods to access data and applications in the cloud is essential or very important, according to the survey. Businesses in Australia are the keenest to see authentications put in place, with 92 percent agreeing it would help ensure only authorized people could access certain data and applications in the cloud, ahead of India (85 percent) and Japan (84 percent), it shows.
“While it's good to see some countries like Germany taking the issue of cloud security seriously, there is a worrying attitude emerging elsewhere,” said Jason Hart, CTO of Gemalto. “No matter where data is, the appropriate controls like encryption and tokenization need to be placed at the source of the data. Once these are in place, any issues of compliance should be resolved.”