Symantec: Rogue clouds cause confidential data exposure in business

Symantec says that as demand grows for cloud computing, businesses need to be aware of the "hidden costs" associated with this technology.
Written by Charlie Osborne, Contributing Writer
rogue cloud computing symantec study hidden cost business

Although organizations are moving to cloud-based computing systems in their droves, it may result in unforeseen costs unless rogue cloud use is regulated.

Symantec's "The Hidden Costs of Cloud 2013 Survey" (.pdf) suggests that over 90 percent of organizations are now discussing cloud, which is up from 75 percent a year ago, in order to try and remain competitive and improve the flexibility of their business practices. However, picking the wrong system can result in high expenditure in the long run.

Based on data from several thousand responses from 3,236 organizations -- both SMBs and enterprises -- from 29 countries, the report found that rogue cloud computing use is causing an escalation in cost, increasing complexity in backing up and storing data, and inefficient storage services.

"Rogue" cloud use, defined as business groups that offer public cloud applications which are not managed by or integrated into a company's IT infrastructure, are at the heart of the problem.

According to the report, over 77 percent of businesses have experienced the problem of increased cost due to the use of cloud technology. Thanks to their size, enterprises seem to come across this issue more than SMBs, with 83 percent and 70 percent reporting the problem respectively.

The most common reasons for using rogue cloud services were to "save time and money," but as 40 percent of users have experienced the exposure of confidential information, businesses should take note that these ventures could cost more time and money in the long run. In addition, 25 percent of respondents reported account takeovers, website hacks and stolen goods and services as a result of using cloud technology they have no control over.

Cloud computing is also causing complications for backing up and recovering data. Most organizations said that they use three or more solutions to backup data, which furthermore causes additional costs for training, inefficiency, and security risk. 43 percent also said that they have lost cloud data, and 68 percent have experienced failures when attempting to recover data. Only 32 percent see cloud recovery as a quick process, and 22 percent estimate it would take at least two days to recover their data after a "catastrophic" loss of information stored in the cloud.

Finally, half of businesses are concerned with meeting compliance requirements in the cloud, and 23 percent have already been fined for not meeting required standards. In addition, managing SSL certificates proves to be a complicated venture, as only 27 percent of businesses said that controlling this element of cloud computing was easy.

Symantec believes these "hidden costs" of rogue cloud computing can have a serious impact on businesses, but there are a number of ways to avoid the pitfall entirely. The security firm suggests that corporations consider focusing on policies and tools that are "platform agnostic," in other words, not tied to one particular platform, and to concentrate on people and information rather than jumping headlong into the latest technological offering. In addition, Symantec suggests that deduplicating data in the cloud can improve efficiency and security.

Francis deSouza, group president, Enterprise Products and Services, Symantec commented:

"By taking control of cloud deployments, companies can seize advantage of the flexibility and cost savings associated with the cloud, while minimizing the data control and security risks linked with rogue cloud use."

Editorial standards