Home / / Security pros split on cloud vendors' cooperation with govt

Security pros split on cloud vendors' cooperation with govt

CSA Survey reveals US-based organisations more opposed to government cooperation than those in EMEA

Security pros split on cloud vendors' cooperation with govt
There's concern whether enterprises can put in policies and controls in place to use the cloud securely.

More than one in three IT pros believe cloud providers should turn over encrypted data to government when asked.

These are the findings of a recent report ‘Mitigating Cloud Risks’, commissioned by data protection vendor Bitglass, in partnership with the Cloud Security Alliance (CSA) based on a survey of 176 information security professionals.

Government intervention aside, many organisations have experienced cloud security incidents, though these aren’t the widespread breaches many anticipated - the majority of incidents stem from inappropriate use of the cloud, led by unwanted external sharing and access from unmanaged devices.

 “While hotly contested issues like government intervention remain open, several years of experience with major public cloud apps has demonstrated that the cloud can be more secure than on-premises applications,” said Nat Kausik, CEO of Bitglass. “The primary open concern is whether enterprises can put policies and controls in place to use the cloud securely.”

Mitigating Cloud Risks explores how organisations are securing cloud applications, their plans to improve visibility in the cloud, and top security threats, including unsanctioned apps and external sharing.

Key findings

- 35 percent believe cloud app vendors should be forced to provide government access to encrypted data while 55 percent are opposed. 64 percent of US-based infosec professionals are opposed to government cooperation, compared to only 42 percent of EMEA respondents.

- Most organisations have experienced some cloud security incident, with 59 percent related to unwanted external sharing and 47 percent involving access from unauthorized devices.

- Cloud visibility is lacking - less than half (49 percent) of organisations know even the basics, such as where and when sensitive data is being downloaded from the cloud.

- Cloud Access Security Brokers (CASBs) are on the rise. 60 percent of organisations have deployed or plan to deploy a CASB, with data leakage prevention cited as the most important capability.

- Few have taken action to mitigate Shadow IT threats, with 62 percent relying on written policies rather than technical controls.


Follow us to get the most comprehensive IT solutions delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.