Is Shadow IT Holding Back Cloud Adoption?
It's hard to secure what you don't know is there. A recent survey from the Cloud Security Alliance indicates that while organizations are clearly concerned about the security of data residing in cloud services, they also have surprisingly little insight into how much unknown exposure they have on this front. The lack of awareness of shadow IT use of cloud services—which occurs outside of IT's control—and the associated security vulnerabilities appear to be impeding adoption of the cloud. There are indications, however, that organizations are moving to change this paradigm. "As companies move data to the cloud, they are looking to put in place policies and processes so that employees can take advantage of cloud services that drive business growth without compromising the security, compliance and governance of corporate data," says Jim Reavis, CEO of the not-for-profit CSA, which surveyed more than 200 IT, IT security, compliance and audit professionals from around the globe. Rajiv Gupta, CEO of cloud security firm Skyhigh Networks, which sponsored the survey, adds that "This survey illustrates that companies are aware of the consumerization of IT, but have room to more proactively address the security concerns of cloud adoption."