IT departments are losing control of IT infrastructure -- but still often get blamed when things go wrong, according to several recent studies.
More than half of corporate data stored in a cloud environment isn't managed or controlled by IT (53%), up from 47% in 2016 and 44% in 2015, according to a study by the Ponemon Institute LLC , commissioned by security vendor Gemalto .
Some 43% of respondents said they're not confident they know all the cloud services in their organizations, compared with 46% in 2016 and 55% in 2015.
The research surveyed 3,285 IT and IT security pros in the US, UK, Australia, France, Japan, India and Brazil.
According to the study, some 79% of IT pros say cloud computing apps and platforms are very important or important to business operations today, and that's expected to rise to 87% in two years.
Who's responsible for protecting that data? That's unclear -- only 46% of respondents say their organizations have clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud.
Half of respondents believe that payment information (54%) and customer data (49%) are at risk in the cloud, according to a statement from Gemalto. And more than half of respondents think cloud computing increases compliance risk.
My colleague Scott Ferguson looked at the study from a security perspective here: GDPR, Cloud Changing Security Pros' Priorities – Report
There's more bad news. One third of employees surveyed by A10 Networks Inc. knowingly use applications their companies forbid (30%), according to a blog post from that company. More than half of those surveyed claim "everybody does it" (51%), while around a third (36%) say the IT department doesn't have the right to tell them what apps they can't use.
Why do the employees use forbidden apps? One third (33%) of respondents claim IT doesn't give them the apps they need to get the job done.
And yet, despite the lack of control, IT is frequently blamed for problems. Some 39% of respondents surveyed by security company Netwrix say their own IT staff get blamed for attacks, according to a statement from that vendor. Overall, 45% of organizations perceive their own employees to be the biggest security risk, even though the majority of attacks those companies experienced were external. Companies blame business users 33% of the time, and cloud providers 33%.
- Cisco: We'll Put IT Back in Charge
- CIOs: Time to Run IT as a Business
- Will Automation Take All the IT Jobs?
- Cloud Skills: What Matters to IT, Developers
- Cloud Pushing IT Spending to $3.7T in 2018
— Mitch Wagner Editor, Enterprise Cloud News