There are a number of concerns that companies have over migrating to the cloud, but one of the key ones is who else might have access to the data.
Cloud security company Bitglass has released the results of its latest Mitigating Cloud Risks survey in conjunction with the Cloud Security Alliance (opens in new tab), which shows that potential government access to encrypted data is an issue.
According to the findings, 35 per cent of IT security professionals believe cloud app vendors should be forced to provide government access to encrypted data while 55 per cent are opposed. In the US there's more opposition with 64 per cent opposed to government cooperation, compared to only 42 per cent of EMEA respondents.
"While hotly contested issues like government intervention remain open, several years of experience with major public cloud apps has demonstrated that the cloud can be more secure than on-premises applications," says Nat Kausik, CEO of Bitglass. "The primary open concern is whether enterprises can put policies and controls in place to use the cloud securely".
Among other findings are that most organisations have experienced some kind of cloud security incident, with 59 per cent related to unwanted external sharing and 47 per cent involving access from unauthorised devices. Cloud visibility is lacking too, less than half (49 per cent) of organisations know even the basics, such as where and when sensitive data is being downloaded from the cloud.
Cloud Access Security Brokers (CASBs) are on the rise, with 60 per cent of organisations having deployed or planning to deploy a CASB, with data leakage prevention cited as the most important capability.
Few have taken action to mitigate shadow IT threats either, with 62 per cent relying on written policies rather than technical controls. You can find out more by downloading the full report (opens in new tab) from the Bitglass website.