A survey of IT professionals, released yesterday, announced that despite security concerns and the expected growth in cloud computing, only 27% of respondents said their organizations have procedures for approving cloud applications that use sensitive or confidential information. The study was coordinated by
The survey, which polled a range of industries including insurance, found that only 20% of the organizations surveyed reported that their information security teams are regularly involved in the decision-making process and approximately a quarter said they never participated at all. However, 69% of the respondents indicated they would prefer to see the information security or corporate IT teams lead the cloud decision-making process.
Only 19% of the respondents indicated that their company provides general data security training that discusses cloud applications. In addition, 42% of the respondents noted that their company offers general data security training that does not specifically discuss cloud applications.
“Cloud computing holds a great deal of promise as a tool for providing many essential business services, but our study reveals a disturbing lack of concern for the security of sensitive corporate and personal information as companies rush to join in on the trend,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute in the announcement. “In order to properly address information security concerns we encourage organizations to immediately incorporate policies and processes for determining vendor qualifications. In addition, cloud computing vendors must also be willing to adopt a more transparent posture.”
The full report, “Flying Blind in the Cloud: The State of Information Governance,” is available
This story has been reprinted with permission from
