The apparent cost benefits and flexibility of cloud services may have convinced companies’ front offices to dive into the cloud, but convincing corporate security teams is another matter.
Nearly seven out of eight information-technology professionals do not trust cloud providers to protect their companies’ most sensitive data, according to a recent survey conducted by Lieberman Software, a provider of privileged access management products. The majority would not trust cloud providers with their own personal data, either.
It’s not necessarily about hackers and cybercriminals. Security-sensitive firms are concerned that a rogue employee at a cloud service provider or a government agency could access their data without their knowledge, says Philip Lieberman, president of the firm.
“The big problem is there is a lot of opaqueness in what cloud providers do,” he says. “Companies want transparency, access to audit log data, and visibility into internal controls that go beyond best practices.”
The survey, conducted at the Cloud Security Alliance (CSA) Summit in November and released last week, collected responses from 300 IT professionals, with 70 percent representing companies with more than 1,000 employees and half working at companies with more than 5,000 employees.