Indian organizations will increasingly depend on cloud computing services, says Ernst & Young report
- 68% of Indian businesses are using/evaluating use of cloud computing services within the next year
- Increasing level of risk due to external threats, say 69% of Indian companies
- Mobile computing on an all-time high in India with 75% respondents using/planning to use tablets
- Steep increase in risks associated with social media and business continuity
New Delhi, 13 Jan 2011 — As organizations realize the benefits of bringing their business into the cloud and with growing levels of confidence in the cloud business model, many companies are looking at moving their critical capabilities and sometimes their entire IT infrastructure and applications platform into the cloud, thereby forever altering their business model, according to Ernst & Young’s latest Global Information Security Survey 2011. They are moving from more traditional outsourcing contracts to cloud service providers.
The report, aptly titled, ‘Into the cloud, out of the fog’, takes into account the response from 1700 organizations in 52 countries, including India. The survey was conducted across all major industries.
The survey underlines that 68% of the respondents in India are currently using, evaluating or planning to use cloud-computing based services within the next year. About 86% of the respondents believe that external certification would increase their trust in cloud computing.
As published in last year’s Global Information Security Survey, the physical boundaries of companies are fast disappearing as more and more data is transmitted over the internet. This year the pace of change continues to accelerate and we are witnessing technology transform entire industries, from automotive to publishing to retail and business models are increasingly becoming digital.
As organizations “digitize,” move into the cloud and become “borderless,” the risk landscape changes as well. Participants in our survey recognize this trend: 72% of respondents globally see an increasing level of risk due to increased external threats, however, only about a third of respondents have updated their information security strategy in the past 12 months to respond to these enhanced threats. In addition, 46% of organizations globally have identified increased threats within their own organizations. 60% of respondents from India stated that their information security function is meeting the needs of the organization.
Mobile computing is also on the rise in India. 75% of Indian respondents are planning, evaluating or actually using tablet computers, while only 52% of respondents have made policy adjustments to mitigate the risks related to mobile computing.
Terry Thomas, Partner – Advisory Services, Ernst & Young commented, “There has been a steady rise in mobile computing, including computing on smart phones, tablets, etc., due to overlapping functionalities with these devices and traditional laptops. Many organizations are now allowing BYOD - Bring Your Own Device, and figuring out how to secure data processed through or held in devices that are non-enterprise owned”.
Other top security trends evident in Indian companies include:
Increase in social media related risks -
Nearly 72% respondents in India rated social media-related risk issues as challenging compared to 40% globally; 56% Indian respondents comparable to 53% globally have implemented ‘limited’ or ‘no access’ to social media sites as control to mitigate such risks.
Adoption of data loss prevention tools -
51% of respondents from India have not implemented data loss prevention tools compared to 66% globally. 72% of Indian respondents have defined a policy for the classification and handling of sensitive data as a control for data leakage risk.
Business Continuity a high risk factor -
For the second consecutive year, respondents have indicated that business continuity remains one of their top funding priorities.
Adds Terry, ‘The new generation will be increasingly adept in using social media, and would want to use devices like smartphones, tablets or laptops of their own choice. Enterprises will need to work their policies to accommodate social media and such devices. Also, once enterprises gain benefit from the cloud, they would want to move into all facets of the cloud, be it platform, infrastructure or software as a service. This would have a significant impact on how companies plan their information or data security, as data would transcend borders, thereby also impacting data privacy laws. Business Continuity planning, which has been a hot topic for a few years now, will need to be evolved to work around these emerging areas.’
According to Ernst & Young, for Indian companies, a pragmatic and proactive response rather than a reactive one is required. By making information security an integral part of service and product delivery and allowing it more visibility in the boardroom, a clearly defined strategy needs to be worked out that will protect the business while also adding more value through tighter alignment with business needs.
- Ends -
About Ernst & Young
Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 144,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential.
Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Ernst & Young Pvt. Ltd. is one of the Indian client serving member firms of EYGM Limited.
For more information about our organization, please visit www.ey.com