As we finish up National Cyber Security Awareness month, lets focus on the state of collaboration security as it pertains to organizations and their data.
Recently, our partner, CipherPoint, published their second annual industry report on the State of Collaboration Security. For the 2014 State of Collaboration Security survey, they interviewed over 100 IT executives in the commercial and government sectors about their security and compliance concerns.
Private Beats Public, But On-Premises Still Wins
The survey found that IT executives are more likely to use a private cloud deployment model over a public cloud model, but that 90% of IT executives still expect to use some type of on-premises deployment model in the future.
So, what is still holding companies back from moving to the cloud? Well, 92% of the IT executives surveyed said that they strongly agree that data security and compliance concerns are holding them back from moving their sensitive and regulated data to the cloud. This finding shows that there may still be misunderstanding about the difference between public and private clouds. While data security is a legitimate concern in the public cloud, it is actually an advantage when moving to a private cloud.
Private cloud providers specialize in providing world-class data security to all their customers regardless of size. Meaning, even small to medium size businesses can get the same level of security and protection as enterprise-level companies. However, it is important to make sure that your private cloud provider meets the required compliances for your industry, such as SSAE 16 SOC I, Sarbanes Oxley, NIST, PCI, ISO 9000, IPv6, HIPAA, FDA Part 11, and EU Safe Harbor compliances.
Concerns about Threats Exist No Matter Where Data Lives
The survey found that the biggest perceived threats to on-premises shared drives and collaboration solutions are permissions management, unauthorized sharing, and privilege abuse. In comparison, the biggest perceived threats to cloud share drives and collaboration solutions are external attackers, unauthorized sharing, and the cloud service provider’s access to data.
Full data control in the cloud is a very common concern for businesses, but there are several steps that you can take to ease your worries. For example, you may want to add some slight modifications to your hosting contract to ensure that your cloud provider does not have access to your data. While this is much easier to do with a dedicated private cloud provider, most multi-tenant cloud providers will not adjust the terms of their hosting contracts.
You will also want to make sure that you know where your data is living and that the contract states that you still own your data. Watch our on-demand webinar “Keeping Control of Your Data in the Cloud” for a full list of questions you need to ask your hosting provider in order to keep you in complete control for the life of your hosting contract.
For a complete list of the survey findings, check out the full 2014 State of Collaboration Security Report or explore some to the key findings from the survey in the infographic below.