A new report surveyed security professionals and executives at federal agencies, and reveals some interesting trends and information.
Survey respondents said they don’t know where all their data is stored (28%) or exactly what data they’re storing, according the 2021 Thales Data Threat Report. Additionally, much of their sensitive data stored on the cloud is unencrypted.
Summary from NextGov:
Most agencies don’t have a solid grasp of what data they have or where it is located. In fact, just over one-fourth (28%) of federal respondents have full knowledge of where their data is stored, and just one-third (33%) claimed to be able to fully classify their data. You cannot protect your sensitive data if you do not know where it is. Dedicating time and resources to discover and classify data is essential in order to apply the relevant measures to protect it.
[…]
Roughly one-quarter (29%) of federal respondents now store more than half of their data in the cloud, and 57% of respondents indicated that 31-50% of the data that is stored in an external cloud is sensitive. However, cloud migration has proven to scale at a much faster rate than encryption. Only 15% of respondents stated that more than half of their sensitive data stored in the cloud is encrypted.
[…]
Another common challenge is the web of key management systems. The survey found that the largest percentage (41%) of federal agencies currently employ between five and seven separate key management products, while a small number (9%) have as many as 8-10 key management products.
