Despite the unabated onslaught of cyber-attacks on cloud computing providers, a vast majority of businesses still fail to encrypt their sensitive data housed in public clouds.
The 2021 Thales Global Cloud Security Study based on a survey of over 2,600 executives from 16 countries reveals that while 40% of organizations have experienced a cloud-based data breach in the past 12 months, 83% still keep at least half of the sensitive data unencrypted.
As expected, the survey revealed that cloud adoption is on the rise, with 57% of the respondents sharing that they make use of two or more cloud infrastructure providers. Moreover, almost a quarter (24%) of organizations admitted that the majority of their workloads and data now reside in the cloud.
“Protecting customer data is always the priority, and organizations should strongly consider reviewing their strategies and approaches to proactively protect data in the cloud,” observes Fernando Montenegro, Principal Research Analyst, Information Security at 451 Research, which conducted the survey on behalf of Thales.
Poor protection
Despite the fact that an increasing number of businesses are trusting their sensitive data to the cloud, only 17% shared that they encrypt more than half of the data they store in the cloud. More worryingly, this figure drops to 15% where organizations have adopted a multi-cloud approach.
Even where businesses protect their data with encryption, 34% said they leave the encryption keys under the control of the service providers.
As further proof of the poor data security practices, nearly half (48%) of the respondents admitted that their organization doesn’t have a Zero Trust strategy, and a quarter (25%) said they aren’t even considering adopting one.
“A robust security strategy is essential to ensuring data and business operations remain secure. With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect, and maintain control of their data,” concludes Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales.
