- Security TWENTY
- Women in Security
IT decision-makers are changing their cloud buying behaviour it is claimed. First, a study published by NTT Communications claims it’s as a direct result of Edward Snowden’s allegations of large scale clandestine US cyber-surveillance.
NSA Aftershocks: How Snowden has Changed IT Decision-Makers’ Approach to the Cloud is based on a survey of 1,000 IT decision-makers from France, Germany, Hong Kong, UK and the USA. The study highlights nine after-shocks from Snowden’s revelations, which are prompting companies to rethink how they use cloud computing:
1. Almost nine in ten (88 percent) IT decision-makers are changing their cloud buying behaviour, with over one in three (38 percent) amending their procurement conditions for cloud providers
2. Only 5 percent of respondents believe location does not matter when it comes to storing company data
3. More than three in ten (31 percent) IT decision-makers are moving data to locations where the business knows it will be safe
4. Around six in ten (62 percent) of those not using cloud feel the revelations have prevented them from moving their ICT into the cloud
5. IT decision-makers now prefer buying a cloud service which is located in their own region, especially EU respondents (97 percent) and US respondents (92 percent)
6. Just over half (52 percent) are carrying out greater due diligence on cloud providers than ever before
7. One in six (16 percent) is delaying or cancelling contracts with cloud service providers
8. More than four fifths (84 percent) feel they need more training on data protection laws
9. 82 percent of all ICT decision-makers globally agree with proposals by German chancellor Angela Merkel for separating data networks
Len Padilla, pictured, Vice President Product Strategy, NTT Communications in Europe, said: “Our findings show that the NSA allegations have hardened ICT decision-makers’ attitudes towards cloud computing, whether it is modifying procurement policies, scrutinising potential suppliers or taking a heightened interest in where their data is stored.
“Despite the scandal and global security threat, business executives need to remember that cloud platforms do help firms become more agile, and do help foster technology innovation, even in the most risk-averse organisations. ICT decision-makers are working hard to find ways to retain those benefits and protect the organisation against being compromised in any way. There is optimism that the industry can solve these issues through restricting data movement and encryption of data.”
Separately, a third of IT security professionals do not keep corporate data in the cloud because of fear of government snooping, with the majority of them preferring to store sensitive corporate data within their own networks. That’s according to a survey from privileged identity management software vendor Lieberman Software Corporation.
The survey was carried out at the recent RSA Conference 2014 in San Francisco and looked at the attitudes of nearly 280 IT security professionals towards cloud security. It found that 80 percent of respondents prefer to keep more sensitive data stored within their company’s own network, rather than the cloud; while fear of government snooping discourages 33 percent of IT professionals from the cloud. Other findings from the survey revealed that cloud applications are also creating problems for IT security professionals, with 75 percent of respondents indicating that they cause security headaches for IT departments.
Philip Lieberman, President and CEO of Lieberman Software, said: “IT managers are aware there is very limited data privacy in cloud environments and they therefore prefer to keep their most sensitive assets on premises. Another issue is legislation in the cloud and the fact that IT executives do not want governments probing into their corporate data. If a government or official body wants to see what data a company is holding, the cloud host involved is legally obliged to provide them access.”
Given the media attention the NSA surveillance scandal has received it may not be surprising that some are deterred from storing sensitive data in cloud. However, when Lieberman Software did the same survey in November, 2012, 48 percent of respondents were discouraged from using the cloud because of fear of government snooping, while 86 percent of respondents preferred to keep more sensitive data within their own network, rather than the cloud. This the IT security firm says means that trust in the security of the cloud has increased over the last year, despite the NSA scandal.
Calum MacLeod, VP of EMEA for Lieberman Software, said: “The fact that the government is snooping within our IT environments and on our phone calls isn’t a big revelation, and when the NSA scandal broke it should not have come as a big surprise to those who work in the security industry. Government surveillance has been around for a very long time and unless you’re doing something against the law it shouldn’t be a concern. Security professionals realize that the major cloud service providers offer very comprehensive security and ultimately their willingness to invest in technology to protect their clients probably offers a more secure environment than off shoring companies, particularly in India who seem to think that everything can be solved with cheap labour.”
For more details on the survey results see www.liebsoft.com/cloud-security-survey-2014