Cloud-Based Apps, BYOD Pose Security Threat to Businesses
Many companies lack visibility not only to what data is in the cloud but also to who can access that data, according to a Loudhouse/SailPoint survey.Many IT organizations are not fully aware of which cloud applications are in use across the enterprise, making it difficult for enterprises to monitor and control user access to mission-critical applications and data, according to a survey of 400 IT and business at British and American companies with at least 5,000 employees. The report, conducted by research firm Loudhouse on behalf of identity management solutions provider SailPoint, found enterprises are running one-third of their mission-critical applications in the cloud today and expect to have half of all critical applications running in the cloud by 2015. While business users have gained more autonomy to deploy cloud applications without IT involvement, they do not feel responsible for managing access control. The survey found 70 percent of business leaders believe that IT is ultimately responsible for managing user access to cloud applications. "As organizations adopt cloud applications, they are very likely to increase their risk exposure by putting sensitive data in the cloud without adequate controls or security processes in place," SailPoint's vice president and general manager of the cloud business unit, Jackie Gilbert, said in a statement. "And this year's survey illustrates how 'at risk' companies already are." Companies lack visibility on data in the cloud and also who can access that data, she added.
"It's imperative that companies put in place the right monitoring and controls to mitigate these growing risks," said Gilbert.