Rogue cloud companies and hidden costs represent the largest threat for small to medium-sized enterprises (SMEs), according to a new survey from Symantec. In the survey, "Avoiding the Hidden Costs of the Cloud 2013," the security giant found that 77 percent of the firms questioned had a problem with rogue cloud deployments.
The report goes on to define a rogue cloud and offer advice on how to avoid the problems it can present. According to Symantec, rogue clouds are public cloud applications that are not managed by a company's IT department and in many cases are used by staff members without the permission of the organization.
An example of a rogue cloud application would be an employee using a service like Dropbox to distribute sensitive company documents or data without gaining approval first. Around 40 percent of the organizations surveyed by Symantec that had experienced this type of scenario said that confidential data was stolen in the process, and around 25 percent said Web properties were also damaged or stolen.
The company surveyed IT executives at 3,236 organizations in nearly 30 countries. Of those surveyed, 20 percent said they didn't even realize the potential threat of rogue clouds.
“By taking control of cloud deployments, companies can seize advantage of the flexibility and cost savings associated with the cloud, while minimizing the data control and security risks linked with rogue cloud use,” said Francis deSouza, group president for enterprise products and services at Symantec.
Symantec has offered a number of tips to help companies avoid rogue cloud applications as well as related cost traps or hidden costs. Organizations should focus their cloud policies on information and people instead of technologies and platforms, and should also make an effort to educate, monitor and enforce those policies consistently. Companies should also embrace platform-agnostic tools when working with the cloud and remove all duplicate data in the cloud as well.
Other interesting findings of the survey include 68 percent of respondents admitting they had a recovery failure in the cloud, while more than a fifth said recovering from the cloud would take them more than three days - equaling lost business. On a positive note, 94 percent of those surveyed said they were at least discussing cloud or cloud services, instead of the 75 percent who were doing so last year.
Edited by
Brooke Neuman