New research from Thales and the Ponemon Institute has exposed a disparity between the rapid growth of data being stored in the cloud, and organizations' approach to protecting sensitive information.
- Businesses are clearly taking advantage of the increasing cloud options out there, but they're not adhering to their own fears around its risk with adequate security.
- Having clearly pushed the responsibility for protecting their data to their cloud providers, it's extremely concerning to see security is not a big factor when choosing them.
- Regardless of the Cloud Service Model or Provider, the security of your organization's data in the cloud is your responsibility.
- It's the business' reputation that will suffer if a data breach occurs, so they should be taking more control over their security and ownership of their encryption keys.
Key Findings
Businesses are taking advantage of the cloud, but not applying adequate security

of all corporate data is stored in the cloud compared to 35% three years ago

of organizations are encrypting sensitive data in the cloud
Businesses remain responsible for security of their data
in the cloud regardless of the provider

of businesses are controlling the encryption keys when data is encrypted in the cloud,

saying it's important to retain ownership of the encryption keys
Businesses use 29 cloud applications on average - compared to 27 two years ago. Over 10% have more than 50 and the average US business has 41.
Businesses struggle to reduce complexity of managing privacy and
data protection regulations in the cloud environment

revealed that storing customer data in the cloud makes them more of a security risk and a compliance risk (56%)


of organizations are careful about sharing sensitive information with third parties
Download the full infographic to learn more
About the 2019 Global Cloud Security Study
Thales partnered with independent technology market research specialist Ponemon Institute to understand trends in cloud governance and security practices from more than 3,300 IT and IT security practitioners across 8 countries.
