Businesses Hazy On Security Of Cloud Applications

Nearly two-thirds of organizations don't have a complete picture of what resources their employees are accessing, finds a Courion survey.

Mathew Schwartz

October 25, 2010

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Slideshow: Cloud Security Pros And Cons

Slideshow: Cloud Security Pros And Cons


Slideshow: Cloud Security Pros And Cons (click image for larger view and for full slideshow)

Who is accessing business data stored in the cloud? Apparently, many organizations don't know. Indeed, a new study found that nearly 48% of businesses "are not confident" that an audit of their cloud applications would find that only authorized users were accessing the business's cloud applications. That finding comes from a survey of 384 business managers from large enterprises, conducted by identity access and management provider Courion.

The survey also found that 61% of organizations -- compared with 53% in a similar survey conducted last year -- said they have limited, at best, knowledge of which systems and applications employees are accessing. Furthermore, 16% suspect that their cloud applications are being inappropriately accessed, but said they don't know how to identify unauthorized users.

Not surprisingly, while last year 58% of organizations weren't confident that they could prevent terminated employees from accessing one or more IT systems, this year that statistic increased to 64%.

Account access oversights make it difficult to ensure that only authorized personnel have access to sensitive information stored in the cloud. In addition, said Courion, lack of oversight also increases the threat from so-called zombie accounts -- "accounts that remain active after employees have left the company or changed roles." Zombie accounts increase the risk of data theft, either by malicious insiders or former employees, or else by outside attackers who manage to break into the account.

Another way in which cloud security often lacks oversight: 78% of respondents said there is no "single party" responsible for ensuring that business data in the cloud remains secured, and many are unclear on who should assume that role. Roughly two-thirds of respondents think both customers and cloud application providers are responsible for security, but 13% aren't sure where the ultimate responsibility should lie.

From a risk standpoint, companies are split on which is the bigger threat: inside attackers or external cybercriminals. This year, 57% of respondents said that their biggest security concerns involved external IT threats, up slightly from 54% last year.

Read more about:

2010

About the Author

Mathew Schwartz

Mathew Schwartz

Information Security Reporter

See more from Mathew Schwartz
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events