[liberationtech] One third IT managers think can Cloud compute with encrypted data

Sun, 04 May 2014 08:20:03 -0700

I downloaded Ponemon/Thales new survey of n=4275 IT managers (United States, the United Kingdom, Germany, France, Australia, Japan, Brazil, and Russia) a couple of days ago by registering here <https://t.co/8rI2Z8vy1j>, but they appear to have now pulled the report.
It is remarkable that one third IT managers not only think that it is possible to compute with encrypted data, but that they are doing so already. 

Here's the relevant text (red is my emphasis) and screenshot with graphs


[If they don't understand this, what else don't they understand about 
their organization's security?]


CB

   *Who controls the encryption keys*

   Figure 24 examines the issue of control over encryption keys in the
   cloud environment for both encryption of data
   at rest and encryption of data at the application level. Thirty-four
   percent of respondents believe their organization
   is in control of encryption keys for *both* data encrypted at the
   *application level* and at rest in the cloud
   environment. Another 28 percent and 29 percent believe control of
   encryption keys is a *shared activity between**
   **the organization and the cloud provider*. Only 19 percent and 17
   percent of respondents, respectively, view the
   cloud provider as having control over encryption keys for either
   encryption at the application level or for data at
   rest

   [Figure 24]

   Figure 25 shows German organizations are the most likely to say
   their organizations have control of encryption
   keys *at the application level *and for data at rest in the cloud.
   Brazilian respondents are the least likely to say their
   organizations have control over encryption keys at the application
   level and for data at rest in the cloud.

   *Figure 25. Percentage of respondents who say their organization is
   in control of encryption keys*
   Consolidated analysis for encryption at *both the application level*
   and for data at rest in the cloud by country
   sample

   [Figure 25]
   screenshot of Fig.24/25 of pdf





-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
[email protected].





















					Reply via email to