Nine in 10 firms believe cloud service providers have accountability for data security

Eighty-eight per cent of UK business leaders believe that they do not have responsibility for their data once it is stored with cloud technology.

New research shows three-quarters also believe that any data breach would cause greater damage to their service provider than their own company, despite EU laws placing accountability on the owner.

The Iron Mountain study shows that business leaders say they take a “responsible approach” to cloud storage, with 88% of those surveyed saying they exercise due diligence when it comes to choosing cloud storage suppliers.

With 15% of firms looking at implementing cloud-only storage systems, a lack of understanding around issues of accountability and risk could leave firms financially and operationally exposed if data is lost or compromised.

Iron Mountain Europe head of information security Christian Toon said: “Businesses need to understand and accept responsibility for their information, wherever it resides. Cloud storage is attractive in terms of flexibility, access and cost-effectiveness. However, it does not replace the need for a comprehensive archive and backup strategy. Companies would be better advised to take an approach that combines the benefits of cloud and the offline protection of magnetic tape technology.”

Iron Mountain is advising businesses to find out where data is stored and who has access, consider the physical storage at the provider’s data centre, look at the provider’s employment vetting procedures and reconsider storing sensitive personal data in cloud storage.