Surge in cloud adoption means greater data attack surface for healthcare and financial services

Surge in cloud adoption means greater data attack surface for healthcare and financial services

New research launched by Blancco Technology Group, an industry standard in data erasure and mobile life cycle solutions, reveals the extent to which healthcare and financial services organisations have embraced cloud, as well as the effects cloud adoption has had on data classification, minimisation and end-of-life (EOL) data disposal.

Based on a global survey of 1,800 respondents, the study, Data at a Distance, found extensive cloud adoption, thanks to the ease of managing increasing volumes of data. However, 65% say the switch has increased the volume of redundant, obsolete or trivial (ROT) data they collect.

Increasing volumes of stored data brings with it many issues and is of growing concern for organisations operating in heavily regulated markets. In addition to regulatory non-compliance risks, there are the cost and sustainability impacts of storing this data, as well as security concerns – more data means a greater attack surface and more liability in case of a breach.

Data management best practices indicate that organisations need to know what data they have collected, including its value, where it’s stored and when it needs to be permanently erased. Yet just over half of organisations (55%) can boast a mature data classification model that determines when data has reached EOL – meaning that nearly half fall short when it comes to determining when to dispose of cloud-stored data.

When asked about their cloud approaches, 60% of respondents said that their cloud provider handles EOL data for them. However, more than a third (35%) do not trust their cloud provider to appropriately manage EOL data on their behalf.

“Healthcare and financial services providers handle some of the most confidential and sensitive information possible,” said Jon Mellon, President Global Sales, Marketing and Field Operations, Blancco. “While they have made the move to cloud for better connectivity, Digital Transformation and ease of managing data, many of them are still falling short when it comes to knowing how to reduce risk and maintain compliance when that data is no longer serving a business function. 

“COVID changed working norms for all industries and adopting cloud helped adapt to those changes. But hackers also changed their approach. The industry reported that 45% of breaches that occurred in 2022 were cloud-based. Yet our research found multiple instances of insufficient practices for managing EOL data in the cloud.” 

Rapid COVID-generated cloud adoption is bringing to light the need for organisations to rethink ownership of their data in a heavily regulated and threat-saturated market. The report lists best practices that will guide these and other data-dependent industries towards ensuring regulations are met and that they can continue to protect both themselves and their customers. 

Click below to share this article