Skip to main content

Many businesses are still failing to secure their cloud data

An abstract image of cloud storage.
(Image credit: Shutterstock/Marko Aliaksandr)

Despite the unabated onslaught of cyber-attacks on cloud computing providers, a vast majority of businesses still fail to encrypt their sensitive data housed in public clouds.

The 2021 Thales Global Cloud Security Study based on a survey of over 2,600 executives from 16 countries reveals that while 40% of organizations have experienced a cloud-based data breach in the past 12 months, 83% still keep at least half of the sensitive data unencrypted.

As expected, the survey revealed that cloud adoption is on the rise, with 57% of the respondents sharing that they make use of two or more cloud infrastructure providers. Moreover, almost a quarter (24%) of organizations admitted that the majority of their workloads and data now reside in the cloud.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

“Protecting customer data is always the priority, and organizations should strongly consider reviewing their strategies and approaches to proactively protect data in the cloud,” observes Fernando Montenegro, Principal Research Analyst, Information Security at 451 Research, which conducted the survey on behalf of Thales.

Poor protection

Despite the fact that an increasing number of businesses are trusting their sensitive data to the cloud, only 17% shared that they encrypt more than half of the data they store in the cloud. More worryingly, this figure drops to 15% where organizations have adopted a multi-cloud approach. 

Even where businesses protect their data with encryption, 34% said they leave the encryption keys under the control of the service providers. 

As further proof of the poor data security practices, nearly half (48%) of the respondents admitted that their organization doesn’t have a Zero Trust strategy, and a quarter (25%) said they aren’t even considering adopting one. 

“A robust security strategy is essential to ensuring data and business operations remain secure. With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect, and maintain control of their data,” concludes Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.