MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.

...more

Think Before you Cloud

May 13, 2010, 9:02 am

A few years ago, when wireless networking was still relatively new, there were numerous reports of enterprising employees who, frustrated with the pace of new technology integration in their workplace, took it upon themselves to deploy rogue access points – often hidden behind furniture or above drop-down ceiling panels – in order to provide convenient mobility around the office.

Problem was these clandestine devices, while providing a benefit to the user, were not industrial strength and lacked the necessary security features to ensure the integrity of network and data security. Access to corporate networks and data was not only convenient for those aware of the jerry-rigged system, but for anyone snooping for a signal.
The measured pace of adoption was not because IT departments were ignorant of the advantages of wireless networking, but because IT departments knew the risks involved and needed to take a strategic approach to integration; they needed to make sure the introduction of new technology would not be at odds with security.
We see this same scenario play out every time there is a significant innovation in technology that has clear upside potential for business: adoption runs ahead of evaluation. Today, it’s happening with cloud computing as our recent study, made possible through the generous support of our friends at CA, reveals. For example:
·         Only 47 percent of the 642 IT and IT security practitioners we surveyed said their organizations were being evaluated for security before deployment; and,
·         Just over half of those we surveyed said they were unaware of all the cloud computing applications being used by their organizations.
We are well aware of the advantages companies can derive from cloud computing, but we cannot endorse the adoption of any new product or technology without adequate evaluation. Information security and data privacy are at greater risk anytime these assets are stored with a third-party. Policies must be developed, used, and enforced to ensure all cloud computing applications meet an organization’s standard for security and are in keeping with both departmental and corporate strategic goals.
Are you aware of what cloud applications your organization has adopted?

Add Comment Add Comment (1 comment)

Comments

December 8, 2011 4:47pm
Mark Johnson

So what's the answer? A closer relationship between the IT Department, with their need for more efficient methods of doing their jobs, and the Security Group, tasked with protecting those IT guys from themselves. A better understanding between these two groups would provide a multi-discipline approach to all IT activities without the feared "braking" effect on the fast-paced adoption of new technologies.
Categories
Security (23)
Privacy (22)
global security (1)
Providers (1)