Rogue cloud deployments -- the use of cloud services against company policies -- pose a significant cost to small and midsize businesses, according to a new survey from Symantec. About 77 percent of businesses surveyed indicated it was a growing problem within the past year.
More than 90 percent of organizations are now at least discussing the cloud, according to the Symantec 2013 Cloud Survey. The figure represents an increase from 75 percent a year ago. The survey of 3,236 organizations from 29 countries was conducted by market research firm ReRez in September and October 2012.
Symantec said one of the costs associated with rogue cloud issues is data leakage, with 40 percent indicating that exposure of confidential information was a problem. More than one-quarter faced account takeover issues, defacement of Web properties, or stolen goods or services, the survey found.
Cloud-based services generally fall into three buckets: Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service. Security experts warn that all businesses considering using cloud providers should tread carefully. Depending on the type of cloud service, the responsibility of protecting data can be mutual or be the sole responsibility of the data owner. Ultimately, meeting compliance mandates will fall on the user of the cloud and not the cloud provider, said Sean Bruton, senior product manager at Hosting.com.
Bruton, who oversees security and compliance for the company's managed hosting services, said organizations evaluating cloud providers need to vet them well to ensure security is a proactive responsibility and not a reactionary one.
"If people are entrusting sensitive data with a third party, first and foremost they'll want to know how to speak security and make sure the people in charge of maintaining the systems are capable of managing risk throughout the organization, Bruton said.
NEXT: Compliance Mandates A Growing Concern