Survey: sensitive data companies would never move in the cloud

Reading time: 4 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

Companies care most about information related to clients (i.e. credit cards, demographics, contracts) and employees (i.e. income, salary, service fees, contact information, stakeholders), research data about new products and competition, and financial information, as shown in a Bitdefender survey of more than 500 IT decision makers

Most respondents in the surveyed countries (i.e. US, UK, and Germany) perceive these types of data as sensitive and best to store on their own infrastructures.

Organizations that handle sensitive or confidential data, or data related to intellectual property, need to ensure their private cloud infrastructure remains private. No one outside the local network should be able to access that data, and only authorized personnel should handle it. The private cloud needs complete isolation from public internet access to prevent attackers from exploiting vulnerabilities to remotely access the data.

The majority IT decision makers in the US that haven’t yet adopted the hybrid mix (less than 20 percent of those surveyed in total) say management has more control over in-house solutions than over external ones, while those in the UK and Germany perceive them as more secure than the public cloud option.

Bitdefender security specialists advise that, when choosing a cloud service provider, it’s vital that the datacenter physically reside in a region or country in which data handling and storing legislation is favorable to the company’s business interests. A datacenter, regardless of the data it stores, falls under the data privacy and protection laws of the country it’s built in. Consequently, it’s vital that any company that plans to use a cloud service provider with datacenters outside its home country understand local data protection laws. Otherwise, the organization may risk judicial repercussions that could damage both finances and reputation.

The EU’s General Data Protection Regulation (GDPR), which takes effect April 2018, will bring cascading privacy demands that will require a renewed focus on data privacy for companies that offer goods and services to EU citizens. Businesses that do not comply with GDPR face fines of as high as 4% of the company’s global annual revenue.



This survey, conducted in October 2016 by iSense Solutions for Bitdefender, included 503 IT security purchase professionals from enterprises with 1,000+ PCs based in the US, the UK and Germany. Half of the respondents originate from the United States, while 153 are from the UK and 100 from Germany. Some 62 percent of organizations surveyed in the US have over 3,000 employees, while 14 percent have between 2,000 and 2,999 and 24 percent employ between 1,000 and 1,999. Some 44 percent of the organizations surveyed in the UK have over 3,000 employees, while 21 percent have between 2,000 and 2,999 and 35 percent employ between 1,000 and 1,999. In Germany, almost half of the organizations surveyed have over 3,000 employees, while 6 percent have between 2,000 and 2,999 and 45 percent between 1,000 and 1,999

continuous sec