Threat to Nearly 60 Per cent of UK’s Confidential Cloud Data is Undeterminable, Warns Informatica

Research Reveals Breakdown in the Data Security Practices as UK Organisations Fail to Understand Movement and Use of Sensitive Data

London, U.K., June 29, 2015 - Informatica Corporation (Nasdaq:INFA), the world’s number one independent provider of data integration software, has released new research highlighting that UK businesses are unable to determine the risk to 58 per cent of the confidential data stored in the cloud and 28 per cent of the sensitive information held on premise, according to a recent Ponemon Research survey.

The study exploring how UK organisations are approaching data security reveals that businesses are failing to identify sensitive or confidential information.

  • Less than half (45 per cent) have a common process in place for discovering and classifying the sensitive or confidential data on premise and only a quarter have a process in place for data in the cloud.
  • As information continues to proliferate, not knowing where sensitive or confidential data resides is one of the biggest concerns for 55 per cent of IT and IT security practitioners.
  • Data growth renders manual processes, custom tools and surveys obsolete for developing an accurate and actionable picture of the sensitive data at risk within organisations. As a result, organisations are relying on automated solutions to help them discover sensitive or confidential data and assess the risk.
  • On average, 46 per cent are using such tools for data on premise and 34 per cent for data in the cloud.

“As the research shows, the majority of organisations do not have a handle on their sensitive data, regardless of whether it exists on premise or in the cloud. However, because businesses have less confidence in their understanding of sensitive data then they perceive more risk,” said Amit Walia, senior vice president and general manager, Data Integration and Security, Informatica. “To reduce threat exposure and improve breach resiliency, organisations need to invest in data centric security technologies, which enable businesses to enact the need-to-know data access policies that help limit the exposure of sensitive data.”

The research also reveals that if an organisation does not know what sensitive data it has on premise, then it is highly unlikely that it will understand what it has moved to the cloud for platform or application services.

  • Overall, 30 per cent of the sensitive or confidential data located in the cloud is believed to be at risk.
  • Despite respondents being more concerned about data security in the cloud than they are about data on-premise, only 32 per cent of organisations have a common process for assessing the threats, creating a blind spot in security.
  • Overall, 54 per cent of respondents admit they are not confident in their ability to proactively respond to a new threat in the cloud highlighting that data growth and proliferation from, and within, the cloud raises security and privacy risks if not carefully understood and managed.
  • In contrast, 28 per cent of the sensitive or confidential data located on premise is deemed to be at risk and 42 per cent of businesses have a common process for accessing the threats, with 55 per cent claiming that they are confident in their ability to proactively respond to a new threat.

“The survey highlights that whilst organisations continue to fear cyberattacks, what really keeps them up at night is the unknown. Namely not knowing where data is and the associated risk to it,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “Whilst businesses are more confident about having data on premise, the shift towards cloud computing is continuing to accelerate and organisations can’t afford to be held back by data security concerns. Instead, security practitioners need to get a handle on the classification of data so that they can feel more confident about the information that they are moving to the cloud. Regardless of whether information is held on premise or in the cloud, data governance protocols should be the same. ”

The survey of 118 UK IT and IT security professionals with responsibility for data protection was completed by the Ponemon Institute as part of the annual 2015 State of Data Security Intelligence study sponsored by Informatica.

Resources

  • View an infographic, summarizing key findings from the Ponemon Institute’s forthcoming global survey of CIOs and IT security professionals on “The State of Data Security Intelligence.”

Tweet this: News: @Ponemon study shows threat to nearly 60% of UK confidential cloud data http://infa.media/1Nj5PiG @InformaticaCorp

About Ponemon Institute

Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About Informatica

Informatica Corporation (Nasdaq:INFA) is the world’s number one independent provider of data integration software. Organizations around the world rely on Informatica to realize their information potential and drive top business imperatives. Informatica Vibe, the industry’s first and only embeddable virtual data machine (VDM), powers the unique “Map Once. Deploy Anywhere.” capabilities of the Informatica Platform. Worldwide, over 5,800 enterprises depend on Informatica to fully leverage their information assets from devices to mobile to social to big data residing on-premise, in the Cloud and across social networks. For more information, call +1 650-385-5000 (1-800-653-3871 in the U.S.), or visit www.informatica.com. Connect with Informatica at http://www.facebook.com/InformaticaCorporation, http://www.linkedin.com/company/informatica and http://twitter.com/InformaticaCorp.

###

Note: Informatica, Secure@Source, Informatica Platform and Informatica Vibe are trademarks or registered trademarks of Informatica Corporation in the United States and in jurisdictions throughout the world. All other company and product names may be trade names or trademarks of their respective owners.