Security: 91% Of Cloud Services Used In Europe Present A Risk
Only 9% of the 2,105 Cloud services studied have enterprise-class security capabilities, while the remaining 91% pose medium or high risks to organizational security. In addition, only 5% of cloud services offered in Europe are ISO / IEC 27001 certified, the international standard for information security management systems (ISMS). No more than 12% use stored data encryption and 21% multi-factor authentication.
Despite revelations about the extent of surveillance by the US NSA, data is stored in the United States in 72% of cases, according to Skyhigh. And 25 of the 30 leading cloud providers are based in countries – the United States in mind, but also Russia and China – where the legislation on the protection of personal data is much less restrictive than in Europe. As a result, 99% of the data is stored in countries where privacy rules are less stringent than in Europe and/or do not offer enterprise-class security capabilities.
CIOs lose the hand
The free access of the users to the cloud allows them, in most cases, to escape the control of the CIOs. This breakthrough of the so-called “shadow IT” is due both to a greater involvement of the trades and the availability of multiple online services. Cloud adoption is wide. In Europe, a company uses an average of 588 cloud services (compared to 626 in the United States).
“Cloud services enable organizations to be agile, flexible and efficient, and their employees should be encouraged to use them,” said Rajiv Gupta, Skyhigh Networks CEO. “But too many employees are still unaware of the risks associated with certain cloud services and could even compromise the overall security policy of their organization. ”
A “Secure Cloud” label…
Security, sovereignty … The challenges of Cloud Computing are the subject of all the attention of public authorities and industry. The goal: to accelerate the emergence of alternatives to the services of large American groups like Amazon, Google or Microsoft.
One of the flagship measures of the report is the creation of a European “Secure Cloud” label. This label would be awarded to all cloud services, regardless of their nationality, provided they comply with a set of rules regarding security, availability and quality of service. And, most importantly, data localization in data centers.
The Franco-German duo in scout
In the absence of consensus among the 28 member states, “the report advises France and Germany to take the regulatory initiative and develop a space that could then gradually reach other states,” reports Les Echos.
The idea of creating a “Schengen data area”, which Thierry Breton and the co-CEO of the German SAP publisher, Jim Snabe, called for in the summer of 2013, is being revived … And this despite the fears of the World Economic Forum (WEF) on a potential balkanization of the Internet.
Another sensitive part of the French plan concerns financing. Reduced public spending, the rapporteurs expect a reorientation of budgets. The Public Investment Bank could notably support data center deployment projects on the national territory. Each center could create “a hundred direct jobs and a few hundred indirect jobs,” says the Breton-Klaba report.Tags: database