IT departments are losing control of IT infrastructure -- but still often get blamed when things go wrong, according to several recent studies.
More than half of corporate data stored in a cloud environment isn't managed or controlled by IT (53%), up from 47% in 2016 and 44% in 2015, according to a study by the Ponemon Institute LLC , commissioned by security vendor Gemalto .
Some 43% of respondents said they're not confident they know all the cloud services in their organizations, compared with 46% in 2016 and 55% in 2015.
Source: Ponemon Institute study commissioned by security vendor Gemalto.
You're invited to attend Light Reading's Big Communications Event – the one event that delivers fresh perspective on the rapid transformation of the telecom industry and the road ahead. We'll see you May 14-16 in Austin – communications service providers get in free!
The research surveyed 3,285 IT and IT security pros in the US, UK, Australia, France, Japan, India and Brazil.
According to the study, some 79% of IT pros say cloud computing apps and platforms are very important or important to business operations today, and that's expected to rise to 87% in two years.
Who's responsible for protecting that data? That's unclear -- only 46% of respondents say their organizations have clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud.
Half of respondents believe that payment information (54%) and customer data (49%) are at risk in the cloud, according to a statement from Gemalto. And more than half of respondents think cloud computing increases compliance risk.
My colleague Scott Ferguson looked at the study from a security perspective here: GDPR, Cloud Changing Security Pros' Priorities – Report
There's more bad news. One third of employees surveyed by A10 Networks Inc. knowingly use applications their companies forbid (30%), according to a blog post from that company. More than half of those surveyed claim "everybody does it" (51%), while around a third (36%) say the IT department doesn't have the right to tell them what apps they can't use.
Why do the employees use forbidden apps? One third (33%) of respondents claim IT doesn't give them the apps they need to get the job done.
And yet, despite the lack of control, IT is frequently blamed for problems. Some 39% of respondents surveyed by security company Netwrix say their own IT staff get blamed for attacks, according to a statement from that vendor. Overall, 45% of organizations perceive their own employees to be the biggest security risk, even though the majority of attacks those companies experienced were external. Companies blame business users 33% of the time, and cloud providers 33%.
— Mitch Wagner Editor, Enterprise Cloud News