Storage

01:20 PM
Connect Directly
RSS
E-Mail
50%
50%

Security Pros See Cloud As Top Risk

Fewer than 2% have seen serious incidents caused by employee mobile device or social network use, finds RSA survey.

Attacks involving mobile devices and Facebook may make the headlines, but the clear and present security risk facing organizations lies in the cloud, according to a recent survey of security professionals conducted by RSA Conference.

True, nearly every respondent agreed that allowing employees to connect their own mobile devices, such as an iPhone or iPad, directly to the corporate network would pose a security threat to their organization. But only 2% report their organization having experienced a "serious incident" as a result of an employee's mobile device usage. Likewise, only about 2% reported experiencing a serious security incident as a result of a social networking attack or leak.

If security professionals by and large don't see mobile devices and social networking as one of their top-line security threats, the same can't be said of the cloud. Indeed, 83% of respondents said their organization will move more business processes into the cloud in the next 12 months, typically through software-as-a-service applications, rather than infrastructure or platform services.

When it comes to the cloud, respondents' number-one security concern is controlling access to data, followed by maintaining regulatory compliance, data integrity, and seeing corporate data be co-mingled on shared servers.

The survey also queried security professionals' spending priorities. Given the widespread move to the cloud, perhaps it's no surprise that over the next year, the primary spending priority -- for 49% of respondents -- will be to secure cloud computing. Other security spending priorities include application security (48%), endpoint security (45%), authentication (42%), and mobile or wireless security (32%).

On the budget front, good news: more than half of respondents expect their security budgets to increase from 2010 to 2011.

Interestingly, RSA said that responses to the survey were consistent regardless of company size, even though a majority of respondents hailed from either very large (more than 10,000 people) or very small (fewer than 20 people) organizations.

"What we've discovered is that whether you're a global company or an emerging start-up with five employees, your overall security concerns are the same," said RSA's Sandra Toms LaPedis in a statement. "It's how you address these concerns through technology that varies from a budget and resources perspective."

Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed