A lack of transparency from cloud suppliers on their security practices and vendor lock-in resulting from restrictive contracts is leading many organisations to jeopardise the security of their data, according to managed cloud services provider Memset.
The warning follows recent research by the Cloud Industry Forum (CIF) which revealed that 60% of UK SMEs believe their security and regulatory solutions for cloud-based-services are not as good as they should be.
The research also showed that 51% of SMEs are concerned that their cloud partnerships do not ensure compliance with all global regulations. While concerns over cloud security have declined in recent years leading to widespread adoption, many customers remain uncertain whether their data is being properly protected by their partners.
For Memset, these figures lay bare the challenges that many businesses face when migrating to the cloud and the need for customers to be able to work with the right partners to meet their security needs.
Chris Burden, Chief Commercial Officer at Memset, said: “The fact that 60% of organisations believe their cloud services should be more secure is alarming.
"This suggests that many are working with the wrong partners and find it challenging to migrate to better suited cloud services.
"There is lots of ambiguity in the cloud market, with vague and difficult to understand terminology dictating legal rights. This often leads customers to misunderstand what they are paying for and getting ‘locked-in’ to cloud services that do not meet their security requirements.
“Many organisations are sold cloud services with the misconception that their provider will be working ‘behind the scenes’ to ensure organisational security.
"This is often not the case, and end user organisations need to secure absolute clarity from their cloud providers about how their data will be protected and know what questions to ask."