IT Departments: Losing Control, Still Getting Blamed

The 'shadow IT' trend is growing worse, as more and more cloud data is not controlled by IT. And yet IT often gets blamed when things go wrong, according to studies.

Mitch Wagner, Executive Editor, Light Reading

January 24, 2018

3 Min Read
Light Reading logo in a gray background | Light Reading

IT departments are losing control of IT infrastructure -- but still often get blamed when things go wrong, according to several recent studies.

More than half of corporate data stored in a cloud environment isn't managed or controlled by IT (53%), up from 47% in 2016 and 44% in 2015, according to a study by the Ponemon Institute LLC , commissioned by security vendor Gemalto .

Some 43% of respondents said they're not confident they know all the cloud services in their organizations, compared with 46% in 2016 and 55% in 2015.

Figure 1: Source: Ponemon Institute study commissioned by security vendor Gemalto. Source: Ponemon Institute study commissioned by security vendor Gemalto.

You're invited to attend Light Reading's Big Communications Event  – the one event that delivers fresh perspective on the rapid transformation of the telecom industry and the road ahead. We'll see you May 14-16 in Austin – communications service providers get in free!

The research surveyed 3,285 IT and IT security pros in the US, UK, Australia, France, Japan, India and Brazil.

According to the study, some 79% of IT pros say cloud computing apps and platforms are very important or important to business operations today, and that's expected to rise to 87% in two years.

Who's responsible for protecting that data? That's unclear -- only 46% of respondents say their organizations have clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud.

Half of respondents believe that payment information (54%) and customer data (49%) are at risk in the cloud, according to a statement from Gemalto. And more than half of respondents think cloud computing increases compliance risk.

My colleague Scott Ferguson looked at the study from a security perspective here: GDPR, Cloud Changing Security Pros' Priorities – Report

There's more bad news. One third of employees surveyed by A10 Networks Inc. knowingly use applications their companies forbid (30%), according to a blog post from that company. More than half of those surveyed claim "everybody does it" (51%), while around a third (36%) say the IT department doesn't have the right to tell them what apps they can't use.

Why do the employees use forbidden apps? One third (33%) of respondents claim IT doesn't give them the apps they need to get the job done.

And yet, despite the lack of control, IT is frequently blamed for problems. Some 39% of respondents surveyed by security company Netwrix say their own IT staff get blamed for attacks, according to a statement from that vendor. Overall, 45% of organizations perceive their own employees to be the biggest security risk, even though the majority of attacks those companies experienced were external. Companies blame business users 33% of the time, and cloud providers 33%.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Follow me on Facebook Editor, Enterprise Cloud News

About the Author

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like