Should vendors be forced to give encrypted data to the government?
More than one in three IT pros believe cloud providers should be forced to give government access to encrypted data, according to the latest research study from the Cloud Security Alliance and data protection providers Bitglass.
The research, which appears in a report entitled Mitigating Cloud Risks, surveyed 176 information security professionals and found US-based respondents were more likely to be opposed to government information (64%) than their EMEA counterparts (42%). 10% of respondents said they didn’t care either way.
In terms of how far cloud vendors should go, 43% argued that data which was readily available should be provided, 32% said that vendors should be forced to build capabilities to decrypt data specifically for law enforcement purposes, while 12% said vendors should be forced to use government-mandated encryption algorithms.
The research also examined more general enterprise cloud security trends. 59% of organisations have reported cloud security incidents around unwanted external sharing, while 47% had incidents involving access from unauthorised devices, the report notes. Similarly, shadow IT remains an issue; 62% of those polled had written policies discouraging the use of unsanctioned apps, but the numbers outright blocking apps (38%) or using a proxy to redirect users (29%) is lower.
“While hotly contested issues like government intervention remain open, several years of experiences with major public cloud apps has demonstrated that the cloud can be more secure than on-premises applications,” said Nat Kausik, CEO of Bitglass in a statement. “The primary open concern is whether enterprises can put policies and controls in place to use the cloud securely.”
Previous research from Bitglass also examined potential security worries; in June the company warned of ‘MDM mayhem’, arguing through its research that a number of privacy issues occurred, from seeing employees’ personal email inboxes, to social accounts and banking details.
You can read more about the report here.
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » There’s always one rotten app in the bunch: Google launches App Defense Alliance
- » Five strategies healthcare providers are using to secure their networks
- » It’s time to solve the education sector’s cybersecurity crisis
- » Using AI to secure the modern world – where enterprises are particularly vulnerable
- » Why improving endpoint security needs to be a primary enterprise goal in 2020