Security is one of IT’s biggest concerns when considering a move to the cloud. But a new survey reveals some distressing news: Most vendors don’t care about keeping data secure.
That’s the word from a recent survey of cloud providers conducted by the Ponemon Institute. Among the U.S. vendors surveyed, 73% said their service doesn’t “substantially protect and secure” customers’ data.
Providers also aren’t putting a whole lot of effort into security — 79% of the vendors surveyed said they dedicate less than 10% of their resources to security.
Why is that? Cloud providers don’t believe that protecting data is their job, or that customers care. Just 25% of vendors said they view security as one of their most important responsibilities, and only 19% said security is a competitive advantage for cloud vendors.
For IT managers, this means they must be even more diligent about evaluating vendors’ security and conducting audits. It’s easy to assume a vendor will take the lead in protecting the data it stores, but as this report shows, that isn’t necessarily the case.
Businesses can keep their data safe when it’s in the cloud by:
- Checking up on a vendor’s security controls — including learning about how its employees are hired and trained — when choosing providers
- Making sure the provider can accommodate your company’s specific compliance and security needs, based on regulations for your industry or the company’s own policies, and
- Keeping data with high security needs in-house. When dealing with information that’s especially sensitive, a cloud platform may not be the best option.