IT pros more skeptical, not more scared, of cloud security risks

16 mai 2012

Protecting greater troves of data has become more of a concern for IT professionals as they begin to conduct a larger number of regular audits of their provider's public cloud security, according to the InformationWeek Strategic Security Survey.

The survey found that 29 percent of IT departments surveyed conducted their own security audits for the public cloud provider at their company. It was an 11 percent increase from last year as data security in the cloud becomes a more severe worry. Another 9 percent aimed to conduct an assessment, but were blocked from doing so by the vendor.

Still not safe
Audits didn't help the IT professionals feel any more comfortable about the safety of their networks - though they didn't feel they were under any more danger either. The number of respondents who felt they were more vulnerable than last year held steady at the same 15 percent from the 2011 survey.

However, among those who did feel a sense of foreboding about their network safety in 2012, there was a shift in the area of concern. There was less fear about newer and more plentiful ways they could come under attack - down from 76 percent of those who felt more vulnerable to 62 percent - and much more concern about the sheer amount of data in their network.

In 2011, 34 percent of those who were more concerned than in the past cited the growing amount of customer data they were responsible for. Data protection fears rose 10 points to 44 percent in this year's survey.

Cost of loss falling
Fears continued to rise, even as the cost of a data breach is dropping, according to a March study by a security software company.

After seven years of rising costs, the average amount a company would have to spend on a breach decreased from $7.2 million to a still-imposing $5.5 million. With more overall records and less overall cost, the price of losing a single record dropped from an average of $214 dollar to $194.

InformationWeek points out that the cost of cleanup is not an exact science, instead being determined on a case-by-case basis. Even so, 20 percent of their study's respondents took out some sort of breach insurance policy, choosing reactive measures instead of diverting more of the budget to proactive protection like data loss prevention strategies.

-McAfee Cloud Security