Netwrix Survey: 69% of Healthcare Providers Plan to Move More Data to the Cloud, Disregarding Insider Threat
April 2018 by Netwrix
Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, released the 2018 Netwrix Cloud Security: In-Depth Report for Healthcare together with infographics. The infographics provide an industry perspective into the healthcare sector’s use of cloud technology and assessment of the risks associated with cloud migration.
The report reveals most healthcare providers store sensitive data, such as electronic protected health information (ePHI), personally identifiable information (PII) and financial data, in the cloud, yet only a few of them have all round visibility into who is accessing that data.
The key findings include:
• 84% of IT professionals employed in the healthcare industry said their organizations store sensitive data in the cloud and 69% of organizations plan to transfer more sensitive data to the cloud in the near future.
• The top cloud security concerns were unauthorized access (named by 68%) and malware infiltrations (mentioned by 61%).
• Most respondents (55%) identified employees as the biggest risk to sensitive data stored in the cloud.
• Despite this concern about the insider threat, only 14% of respondents have visibility into the activity of business users and just 21% have visibility into the activity of IT staff.
• Even given this inability to combat the insider threat, only half of IT teams say that their top management supports their cloud security initiatives.
• For 50% of respondents, increasing employee training and tightening security policies are the key measures to improve cloud security.
“This year shows positive dynamics in cloud adoption by healthcare providers, as more organizations are willing to move their sensitive data to the cloud, or already store it there. Yet the major security concerns remain the same: Most organizations perceive employees as the main threat to their systems and data, while lack of visibility across the IT environment makes it more difficult to deal with potential risks. The majority of healthcare providers believe that more employee training and tighter security policies will help them improve cloud security. However, these measures have to be complemented with awareness of what users are doing in the IT infrastructure, what sensitive data the organization stores there and what weak points they need to address,” said Michael Fimin, CEO and co-founder of Netwrix.