略過巡覽連結
全部類別
照片
影音新聞
政府機關
國內公司行號
國外公司行號
非營利組織
中文稿
英文稿
有附件
無附件
受理採訪通知

會員登入
| 舒適閱覽 :

Thales Study: Organizations Worldwide Failing to Adequately Protect Sensitive Data in the Cloud

(中央社訊息服務20191108 17:14:19)PARIS LA DÉFENSE--(BUSINESS WIRE)-- A new global study from Thales, with research from the Ponemon Institute, has exposed an increasing disparity between the rapid growth of data stored in the cloud and an organization’s approach to cloud security. Although nearly half (48%) of corporate data is stored in the cloud, only a third (32%) of organizations admit they employ a security-first approach to data storage in the cloud.
Surveying over 3,000 IT and IT security practitioners in Australia, Brazil, France, Germany, India Japan, the United Kingdom and the United States, the research found that only one in three (31%) organizations believe that protecting data in the cloud is their own responsibility.

• Nearly half (48%) of all corporate data is stored in the cloud, up from a third (35%) three years ago
• Less than half (49%) of organizations are encrypting sensitive data in the cloud
• Only one-third (32%) of organizations believe protecting data in the cloud is their responsibility

Increased multi-cloud cloud use, but with risks
With the proliferation of cloud-based services, businesses and other organizations are increasingly dependent on cloud providers. In fact, nearly half (48%) of organizations have a multi-cloud strategy, with Amazon Web Services (AWS), Microsoft Azure and IBM being the top three. The study found that, on average, organizations use three different cloud service providers and over a quarter (28%) are using four or more.
Despite storing sensitive data in the cloud, nearly half (46%) surveyed revealed that storing consumer data in the cloud makes them more of a security risk. Over half (56%) also noted that it posed a compliance risk. In addition, organizations believe that cloud service providers bear the most responsibility for sensitive data in the cloud (35%), ahead of shared responsibility (33%) and themselves (31%). Even though businesses are pushing the responsibility to cloud providers, only 23% say security is a factor in selecting them.
“With businesses increasingly looking to use multiple cloud platforms and providers, it’s vital they understand what data is being stored and where,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “Not knowing this information makes it essentially impossible to protect the most sensitive data --ultimately leaving these organizations at risk. We’d encourage all companies to take responsibility for understanding where their data sits to ensure it’s safe and secure.”

Encryption increasing, but organizations handing over keys to cloud providers
Roughly half (51%) of businesses and other organizations still do not use encryption or tokenization to protect sensitive data in the cloud. The study uncovered regional disparities in terms of data security, with German organizations being the most advanced in their use of encryption at 66%.

Organizations are handing over the keys to their encrypted data to cloud providers. Nearly half of cloud companies (44%) provide the encryption keys when data is encrypted in the cloud, ahead of in-house teams (36%) and third parties (19%). On top of this, 53% are controlling these encryption keys themselves, despite 78% saying it’s important their organization retains control of the keys.
Over half of businesses (54%) think cloud storage makes it more difficult to protect sensitive data, up from 49% last year. More than 70% believe that data in a cloud environment is harder to protect due to the complexity of managing privacy and data protection regulations, while an additional two-thirds (67%) cited the difficulty of applying conventional security methods in the cloud.

“This study shows that businesses today are taking advantage of the opportunities that new cloud options offer, but aren’t adequately addressing data security,” said Tina Stewart, vice president of market strategy for cloud protection and licensing activity at Thales. “Having pushed the responsibility towards cloud providers, it is surprising to see that security is not a primary factor during the selection process. It doesn’t matter what model or provider you choose, the security of your business’ data in the cloud has to be your responsibility. Your organization’s reputation is on the line when a data breach occurs, so it is critical to ensure in-house teams keep a close eye on your security posture and always retain control of encryption keys.”

For more information, attend our “Global Trends in Cloud Security: Gaps in Security Persist in a Multi-Cloud World” webinar taking place on November 7 or visit the 2019 Thales Cloud Security Study website.
Research methodology
This research was conducted by the Ponemon Institute on behalf of Thales with 3,667 IT and IT security practitioners surveyed across the Australia, Brazil, France, Germany, India, Japan, the United Kingdom and the United States.

Industry insight and views on the latest data security trends can be found on the Thales blog at blog.thalesesecurity.com.
Follow Thales on Twitter, LinkedIn, Facebook and YouTube.

About Thales
Thales (Euronext Paris: HO) is a global technology leader shaping the world of tomorrow today. The Group provides solutions, services and products to customers in the aeronautics, space, transport, digital identity and security, and defence markets. With 80,000 employees in 68 countries, Thales generated sales of €19 billion in 2018 (on a pro forma basis including Gemalto).

Thales is investing in particular in digital innovations — connectivity, Big Data, artificial intelligence and cybersecurity — technologies that support businesses, organisations and governments in their decisive moments
PLEASE VISIT
Thales Group
Security
Download HD photos
Contacts
Thales, Media Relations
Security
Constance Arnoux
+33 (0)1 57 77 91 58
constance.arnoux@thalesgroup.com


訊息來源: Business Wire
  

Top 中央社訊息平台首頁
新聞稿刊載服務請洽本社業務行銷中心人員,電話(02)2505-1180 轉 781 ~ 786 或 790 ~ 797 本平台資料均由投稿單位輸入後對外公布,資料如有錯誤、遺漏或虛偽不實,均由投稿單位負責
關閉提示
訊息提示
顯示提示