Should vendors be forced to give encrypted data to the government?
More than one in three IT pros believe cloud providers should be forced to give government access to encrypted data, according to the latest research study from the Cloud Security Alliance and data protection providers Bitglass.
The research, which appears in a report entitled Mitigating Cloud Risks, surveyed 176 information security professionals and found US-based respondents were more likely to be opposed to government information (64%) than their EMEA counterparts (42%). 10% of respondents said they didn’t care either way.
In terms of how far cloud vendors should go, 43% argued that data which was readily available should be provided, 32% said that vendors should be forced to build capabilities to decrypt data specifically for law enforcement purposes, while 12% said vendors should be forced to use government-mandated encryption algorithms.
The research also examined more general enterprise cloud security trends. 59% of organisations have reported cloud security incidents around unwanted external sharing, while 47% had incidents involving access from unauthorised devices, the report notes. Similarly, shadow IT remains an issue; 62% of those polled had written policies discouraging the use of unsanctioned apps, but the numbers outright blocking apps (38%) or using a proxy to redirect users (29%) is lower.
“While hotly contested issues like government intervention remain open, several years of experiences with major public cloud apps has demonstrated that the cloud can be more secure than on-premises applications,” said Nat Kausik, CEO of Bitglass in a statement. “The primary open concern is whether enterprises can put policies and controls in place to use the cloud securely.”
Previous research from Bitglass also examined potential security worries; in June the company warned of ‘MDM mayhem’, arguing through its research that a number of privacy issues occurred, from seeing employees’ personal email inboxes, to social accounts and banking details.
You can read more about the report here.
- » Companies failing to heed warnings on employee deprovisioning, research warns
- » Symantec to acquire Skycure to bolster mobile security play
- » Malware attacks on iOS more than triple while Android remains largely flat
- » Europe more ‘sceptical’ around BYOD with GDPR threat looming, warns Strategy Analytics
- » Taking the robot out of the human: Why we should not confuse productivity and efficiency