Cloud Triples A Firm’s Probability of Data Breach

by CXOtoday News Desk    Jun 09, 2014

cloud security

While cloud computing is seeing a rapid growth in recent times, a new study by the Ponemon Institute shows that increased use of the cloud based products and services can triple a company’s probability of a major data breach, and that the cost can be staggering.

The study titled “Data Breach: The Cloud Multiplier Effect,” reveals that for a data breach involving 100,000 or more customer records the cost would be just over $20 million and that a breach of that scale is three times more likely for enterprises that rely on cloud app services. “The “cloud multiplier effect” translates to a 3% higher risk of a data breach for every 1% increase in the use of cloud services. This means that an organization using 100 cloud services would only need to add 25 more to increase the likelihood of a data breach by 75%,” says the report

However, the study also points out that the importance of cloud based services cannot be ignored. With huge increases in the number of employees working from home, the convenience, cost effectiveness and ease of administration of cloud application services means enterprises are only going to rely more heavily on cloud applications in the future.

In 2013 itself, the cloud computing market was worth more than US$131 billion, stated Gartner while predicting huge growth in the coming years. However security considerations are of paramount importance with this pace of growth, found the study, that polled more than 613 IT and security professionals.

The research also reveals that IT and security decision makers said that 45% of all software applications used by their organizations are in the cloud, but that half of these aren’t even visible to IT administration. And while they estimated that 36% of business-critical apps are also based in the cloud, IT lacks visibility into nearly half of them.

Some of the other key findings include:

More than two-thirds of IT professionals surveyed believe their organization isn’t proactive in deciding which information is too sensitive to be stored in the cloud;

Sixty-two per cent say the cloud services used by their organization aren’t properly vetted for security before deployment;

Nearly three-quarters believe their cloud service provider wouldn’t even notify them immediately of a data breach involving the loss or theft of intellectual property or business confidential information;

Seventy-one per cent say they wouldn’t expect to receive immediate notification following a breach involving the loss or theft of customer data.

As with any technology, when use becomes more widespread, the target gets bigger, states technology analyst Bill Kleyman adding that the amount of data we continue to push through the cloud will keep increasing as more services are developed to be cloud-centric. Next-generation security technologies, such as applications and APIs, next-generation firewalls (physical and virtual) and data collaboration security will help keep data secure, and our enable CIOs to logically segment key data points for even greater information agility. But the future of the cloud will only be as powerful as the security solutions we can wrap around these new emerging platforms, he states.