British businesses harness a lackadaisical attitude towards securing data in the Cloud. UK-based businesses are almost half as likely to secure confidential or sensitive data in the Cloud compared to their German counterparts, according to a study by Gemalto and Ponemon.
The study highlights big gaps between countries attitudes towards data protection in the Cloud. The study found that while 95 per cent of global businesses have invested in secure cloud technology, some nations are lagging behind when it comes to shoring up shop. While 61 per cent of German business said they would use cloud security measures to store sensitive data, a mere 35 per cent of British businesses use the Cloud in the same way. In Brazil the figure is 34 per cent and in Japan it is as low as 31 per cent. In total, only two-fifths of global organisations survey said their data stored in the cloud is secured with encryption and key management solutions.
Crucially, however, over three quarters of organisations across the globe recognize the importance of having the ability to implement cryptologic solutions, such as encryption. This is only set to increase, with 91 per cent believing this ability will become more important over the next two years – an increase from 86 per cent last year.
"While it’s good to see some countries like Germany taking the issue of cloud security seriously, there is a worrying attitude emerging elsewhere," said Jason Hart, CTO, Data Protection at Gemalto. "This may be down to nearly half believing the cloud makes it more difficult to protect data, when the opposite is true.
"The benefit of the cloud is its convenience, scalability and cost control in offering options to businesses that they would not be able to access or afford on their own, particularly when it comes to security. However, while securing data is easier, there should never be an assumption that cloud adoption means information is automatically secure. Just look at the recent Accenture and Uber breaches as examples of data in the cloud that has been left exposed. No matter where data is, the appropriate controls like encryption and tokenization need to be placed at the source of the data. Once these are in place, any issues of compliance should be resolved."