Ramzi Itani, Regional Director at Veritas, on the company’s recent Cloud survey.
Tell us about the findings of your recent Cloud Survey.
Let me begin by saying that the survey, launched at GITEX 2022, reveals that UAE organisations have made strong progress in the transition to cloud, ranking as the second-highest adopter of public cloud services globally. However, there is still much to be done to ensure the data they have moved to the cloud is protected, compliant and available.
We surveyed over 1,500 IT decision makers across 12 countries, including 100 respondents from the UAE, and found that more than half (53%) of UAE organisations do not have full visibility of their data.
This is complicated by the adoption of a multi-cloud provider strategy, with the average UAE business currently using three different public cloud providers to meet their storage needs. In turn, this is fracturing data protection strategies with 53% of UAE firms surveyed saying they use data protection solutions built into each of these cloud services all of the time. This is despite more than half (56%) saying that these tools put their organisation at risk.
Given this alarming scenario, how can businesses ensure complete protection of their data and other critical assets?
In order to protect their data, businesses need to have a thorough understanding of the value and location of their data. It is important to understand that before cloud data sets can be properly protected from threats like ransomware, IT teams need to know exactly what data sits in which cloud services. Worryingly, more than half don’t know how many cloud services their companies are using, let alone what they are.
So, who exactly is responsible for protecting data in the cloud?
Misconceptions exist around where exactly the responsibility lies between the organisation and cloud provider when it comes to how their data is protected in the cloud. In our survey, just 2% of respondents correctly identified that most cloud providers only provide guarantee of resiliency of their service, they do not provide guarantees that a customer, using their service, will have their data or applications protected.
This may help to explain why so many UAE organisations are turning to those cloud providers when they discover that they do need additional protection. However, there is increasing awareness among UAE businesses about the risks associated with using native cloud security tools. A vast majority (77%) of organisations believe the current offerings from public cloud service providers fall short of their organisation’s security needs.