With businesses of any size turning to cloud applications for improved performance, but recent report done by one of the leading providers of cloud security applications CipherCloud, reveals disturbing facts - 82% of Cloud Applications in Europe are unsanctioned and fail to comply with pretty much any security standards. The numbers are even more frightening when we look at the markets, where actually the vast majority of cloud applications are developed - 12% of the cloud based apps in North America and 18% in Europe are actually secured ! Detailed description of all facts outlined by the report can be found in the infographic below:
Are you affected?
With between 10 and 50 percent of cloud applications not visible to IT, every office around the world is at serious risk. There is serious chance your office infrastructure is at risk and so do the sensitive data about your customers, no matter the size of your organization. Here are the most common risks associated with cloud apps:
- Shared access - the basic concept of the cloud relies on share access and infrastructure. This is why it's so widely adopted - business owners don't spend a fortune on IT systems and professional staff just to implement certain application in their office. However, this also means that others also use the application and some of them may be able to access your data. Still if you choose reliable cloud application provider, you have nothing to worry about!
- Exploits - virtualization is what's behind every cloud application out there, but similarly to physical IT infrastructure there are many things that can go wrong with it, including various exploits. This is definitely not something what the average cloud application user considers, but they present serious threat to all sensitive data kept within particular organization.
- Access Control - this part is entirely up to your cloud application provider. Before you begin using any solution out there, always carefully examine the access control policy of the particular provider. Make sure you know exactly who will have access to your data and most importantly under what particular circumstances. Data protection is not something only big companies should care about, it's up to everyone, who uses IT in their organization, no matter its size.
- Availability - even the best and most widely adopted cloud applications experience troubles from time to time, so it's crucial to check the availability of the cloud application before you purchase any service. It's also important to determine how long they backup customer data and what are their policies in cases of data loss.
- Data Ownership Policies - the area, which pose highest risks involves the data ownership policies. The different cloud providers use different approach to determining the ownership of data stored within their systems, so it's vital to check what yours have to say about this. There are numerous cases, when clauses in the data ownership policies of providers state that it belongs to the providers, rather than to the customers. If you determine who owns data stored in the particular cloud application and what the provider can do with it, you can be certain you are on the safe side.