Over Half of Big Data and Cloud Projects Stall Because of Security Concerns, New Survey Finds

Ever since the cloud became popular, a common refrain as to why it has not been adopted even faster by large enterprise can be summed up in two words: “security concerns.” As a new survey by Cupertino, Calif.-based data security company Voltage Security (News - Alert) found, you can add big data implementations to the list of projects being “stalled” by such issues. 

The survey, conducted with over 300 IT professionals, from companies that employ over 5,000 people at the recent InfoSecurity Europe event, is an eye-opener. 

• 76 percent of senior-level IT and security respondents said the inability to secure data across big data initiatives gave them cause for concern.
• 56 percent admitted that these security concerns have kept them from starting or finishing cloud or big data projects.

The survey was not confined to any given vertical market. Respondents represented companies in the financial services, retail, healthcare and insurance industries. Voltage concluded that “the results indicate the serious implications this has on a business' bottom line.”

"This is a huge roadblock for organizations that are ready to reap the benefits of big data – the majority of large and mid-size organizations are finding that an inability to protect sensitive data within a big data environment is a major concern, so while they may be starting projects, they are abandoning them. That's not good for business," said Dave Anderson, senior director of marketing at Voltage Security.

Along with the survey, Anderson had some cogent advice for large enterprise IT professionals. He noted that Voltage advocates a data-centric approach to security, to encrypt and protect both structured and unstructured data at the source. 

"Consider the reality of today's data lifecycle – data travels among users, across states and countries, across different IT systems and end-user devices.  On top of this are the rules and regulations governing how data is used, stored or moved, whether in data centers, the cloud, or mobile devices.  It's a complex issue, but can be addressed by deploying data-centric security to ensure that data remains not only protected but private, anywhere it moves, lives, and however it is used," Anderson explained.

He went on to say, “Both large and mid-size organizations worldwide are working to develop and deploy big data analytical facilities alongside their established business intelligence structure… We believe that with the right data-centric approach companies can unlock the value of big data and use the information to their competitive advantage, changing the negative view of 56 percent of companies that they discontinue or not even begin big data and cloud projects because of the security implications.”

Given the headlines that continue to document the increased frequency and sophistication of data breaches, it is probably not surprising that those in charge of securing the critical assets of their enterprises remain skeptical about cloud and big data projects. Along with complex issues surrounding compliance and corporate governance, the perception that such projects increase enterprise vulnerability to malicious behavior despite vendor assurances seems hard to dispel. This is unfortunate. Solutions abound and best practices mean that risk mitigation associated with such projects do not have to be risky business.  

What gets moved to the cloud, when, where, why, how and who has access to critical information stored there or generated by big data projects that open the flood gates of data interchange between various lines of business has to be approached holistically with security as a top priority. In fact, consideration of such projects can and should be a forcing mechanism for companies to evaluate their vulnerabilities given the state of their current protection and remediation capabilities and use cloud and big data projects to improve things rather than fear for the worst.

Whether cloud and big data vendors are in fact able to move the needle, as Anderson says they can, is something to keep track of. Given that various other studies show acceptance of cloud and big data projects in major enterprises is growing, and that in the U.S. and Europe it’s is actually exceeding expectations, it seems that the vendors are making headway. It will be interesting to see how far and how fast as more surveys like the Voltage Security one are produced.