Companies Still Struggling with Cloud Security: Reported Higher Incidence of Data Security Lapse or Issue From 2011

CUPERTINO, Calif., Aug. 28, 2012 /PRNewswire/ -- Globally, the cloud continues to pose challenges on how to deliver agile, yet secure, IT services to enterprises. The percentage of companies that reported a data security lapse or issue with their cloud service increased from 43 percent in 2011 to 46 percent in 2012, according to a recent global cloud security survey conducted by Trend Micro (TYO: 4704;TSE: 4704), the global leader in cloud security. The executive summary of the survey can be found here.

Trend Micro's annual survey of 1400 IT decision makers from the U.S., UK, Germany, India, Canada, Japan and Brazil found that India had the highest incidence (67 percent) of data security lapse or issue, followed by Brazil (55 percent). India also had the highest – 12 percent -- increase of security lapse or issue in 2011, followed by Japan (a 7 percent increase) and Canada (a 6 percent increase). According to the survey, Japan is less likely to adopt cloud computing than any of the other countries surveyed.  Japan also has the lowest usage level for VDI, public cloud and private cloud. 

From 2011 to 2012, the overall global cloud adoption increased from 55 percent to 59 percent.  This increase may account for the security issues that companies reported in the survey, especially in countries such as India and Canada where cloud adoption rates increased the most.  India's adoption rate grew from 38 percent in 2011 to 49 percent in 2012; Canada's adoption rate grew from 42 percent in 2011 to 51 percent in 2012.

Other survey highlights include:

• Over half (53 percent) of the decision makers surveyed stated that data security is a key reason for holding back their adoption of cloud solutions. This finding is in line with the 40 percent of respondents who stated that their IT security requirements are not being met by current cloud services.
• 53 percent surveyed expressed more willingness to consider using the cloud if cloud providers took a more hands on approach to securing data or if they knew more about how to secure their data in the cloud.
• Despite trepidation in utilizing cloud services, the number of enterprises that have deployed public and private cloud solutions have increased to 20 percent, up from the 13 percent that had solutions deployed in 2011.
• Those respondents who have active public cloud deployments will assign 53 percent of new applications to the cloud within the next year, up from the 46 percent of applications that are currently deployed in the cloud. This signals a consistent rise in demand for cloud services amongst enterprises that have already embraced the cloud.
• There is still confusion about what cloud computing services exactly are. When presented with a list of cloud services, 94 percent of the respondents said they are currently using at least one of them. However, 9 percent of these respondents indicated, that their company has no plans to deploy cloud computing services. This is consistent with 2011 when 7 percent had the same response.
• For those who have public cloud in production, the vast majority indicated that they encrypt their data stored in the cloud (89 percent). This is a 4 percent increase from 2011. 87 percent said they keep a 1:1 copy of all data that is synched to the cloud.

"Cloud computing is a reality for all enterprises operating today. However, in the race to put data in the cloud to save on overall costs, companies need to be aware of the hidden cost in terms of data security," said Dave Asprey, vice president of cloud security, Trend Micro. "Cloud providers are not doing enough to secure current cloud services, and enterprises need to broaden their security policies to protect applications and data stored in the cloud as strongly as they protect these within the company's internal infrastructure."

Responsibility for cloud security is shared between the service provider and enterprise

The more cloud infrastructure is controlled by the enterprise, the more the responsibility falls to the organization to provide security.  For example, with an Infrastructure as a Service (IaaS) cloud the service provider is responsible for securing the underlying hardware, but businesses are expected to secure their virtual infrastructure and their applications and data built on top of it. This can be achieved with VM security that extends to cloud environments with integrated file and network level protection.  But as cloud service providers offer more of the underlying platforms and applications, such as a Platform as a Service (PaaS) or Software as a Service (SaaS), they take on more of the responsibility for security.

Not only is security an inhibitor to cloud deployments, but performance or availability is also a top cloud concern, with 50 percent indicating that this is a barrier to cloud adoption.  When evaluating security solutions, enterprises and cloud service providers need security that doesn't sacrifice overall performance of the cloud service.

Trend Micro has invested heavily in a family of multi-layered protection for cloud and virtual environments – all designed to secure the enterprise journey to the cloud—either as solutions offered directly to enterprises or sold through service providers as an add-on to their services.

Trend Micro™ Deep Security is designed to prevent data theft, business disruptions, and compliance violations with comprehensive server security that provides VM protection for today's virtualized datacenter and cloud environments.  In addition, Trend Micro™ SecureCloud™ encryption platform applies policy-based key-management technology with industry-standard encryption to give enterprises control over their data stored in public, private or hybrid clouds as well as physical and virtual servers.

Supporting materials

• Please visit the executive summary of the survey results here.
• Please visit the infographic here. 
• To join the discussion on cloud computing issues, and to read our cloud evangelist's latest blog piece on the survey, visit the Trend Micro Cloud Security Blog.
• To learn more about how Trend Micro can help you secure your journey to the cloud, visit www.trendmicro.com/cloud.

Survey methodology
1,400 IT professionals from the U.S., the U.K., Germany, Canada, India, Japan and Brazil (200 respondents from each of the seven countries) were invited to participate in a survey on cloud computing. These professionals, from enterprises with over 500 employees, make purchase decisions for cloud computing services, server virtualization or Virtual Desktop Infrastructure (VDI) solutions.

About Trend Micro
Trend Micro Incorporated (TYO: 4704;TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers.  A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe. 

Additional information about Trend Micro Incorporated and the products and services are available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://newsroom.trendmicro.com/  and as part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter at @TrendMicro.

SOURCE Trend Micro Incorporated