In fact, 66 percent of security pros still view the cloud as more difficult to secure than on-premise options.
Despite a clear consumer shift towards productivity-enhancing cloud applications, many organizations have not taken the proper steps to ensure their data is safe:
- Almost 31 percent of respondents do not allow employees to access cloud applications such as Salesforce and DropBox from their mobile devices, but indicate employees do it anyway.
- 34 percent of organizations do not encrypt or use tokenization in the cloud.
- 31 percent of organizations do not have any significant security protocols in place for employees using cloud applications.
"The data reinforces that simply blocking access isn't an option, it's time to be proactive and put long trusted security tools such as encryption and tokenization in place to make sure that no matter where your data is, it is protected," Canellos added.
Gartner's Stephen Kleynhans, research vice president, notes, "Enterprises must establish policies to manage the use of consumer-grade personal cloud tools, ensuring that appropriate information security and compliance controls aren't being overlooked. IT organizations must also actively survey the user base to understand the motivation behind the tools' use and ensure that advantageous functionality hasn't been missed as part of official IT-supported enterprise user environments. IT organizations need to look for places where consumers are using personal cloud services and related apps, and understand the motivations, realizing there may be significant business value that has been missed by IT."
The NSA, a major discussion point of this year's RSA conference, is not to be blamed for this attitude, as nearly half of those surveyed indicated that recent headlines and media frenzy surrounding government activity have had no effect on their decision to use the cloud.