Misco Cookie Policy
We use cookies to give you the best possible experience on our website. To find out more, view our cookie policy. By closing this message and continued use of our website means that you give your consent to our use of cookies.

Security experts split on government access to cloud data

Security experts split on government access to cloud data
15th August 2016

by Rummi Choudhury

While there has been a rapid rate of cloud services adoption, concerns over security and compliance revolving around inappropriate use or access of sensitive cloud data continue to be upheld, Computer Weekly reports.

The survey, conducted by the Cloud Security Alliance (CSA) and security firm Bitglass, found there was a split amongst information security professionals over whether cloud suppliers should co-operate with governments by providing access to encrypted data.

Of those questioned, over a third said cloud providers should turn over encrypted data to governments when asked.

However, more than half (55%) of all respondents were opposed to this. A higher proportion of respondents in the US were against government co-operation (63%) compared to those in Europe, the Middle East and Africa where only 42% were opposed.

In total, just one in 10 (10%) said they were not concerned about the issue.

When asked how far cloud suppliers should be forced to provide access to encrypted data, just over two fifths (43%) said readily available data should be provided.

Nearly a third (32%) said suppliers should be forced to developed decrypting capabilities specifically for law enforcement purposes, while just over one in 10 (12%) believe suppliers should be forced to use government-mandated algorithms.

Senior research analyst at the CSA, John Yeoh, commented: "The decision as to whether or not an organisation wants their cloud provider to turn over encrypted data to government when asked is one that all organisations should ask themselves as they make the move to the cloud.

"It is also a critical question organisations should be asking of their cloud providers as part of a comprehensive assessment of cloud providers' security controls.

"The more information and policy detail that can be clearly spelled out up-front, the greater the chance that an organisation will have a successful, long-term relationship with their cloud provider."

Whilst enterprises in every industry are adopting cloud apps at an astonishing rate, concerns remain.

According to the survey, the majority of cloud-related security incidents had stemmed from inappropriate use of the cloud, with unwanted external sharing leading the way (59%), followed by access from unmanaged devices (47%).


Join our mailing list

IT News Archive