Security experts are warning that companies are rushing into cloud adoption without first understanding the risks and challenges involved.
William Beer, director of the assurance group at PricewaterhouseCoopers, said at the launch of the annual Global Information Security Survey (PDF) that he is seeing a lot of client interest in cloud computing, but that not enough focus is being put on governance and information security.
Two-thirds of survey respondents said that they are unaware of where their data is currently stored, and Beer argued that this problem will be compounded "from a physical and legal point of view" if and when they move to the cloud.
"There is far too much focus on the technology and cost savings aspects of cloud, and a common lack of understanding of the risks and challenges," he said.
"We are seeing clients moving very quickly into the cloud without undertaking a risk assessment, and that is a great concern to us. Some vendors might not provide enough rigour around their controls and processes."
The survey also highlighted the fact that many chief security officers place too great a focus on security technology rather than security policies, explained Beer.
For example, the number of firms with data loss prevention capabilities jumped from 29 per cent in 2008 to 44 per cent in 2009, but fewer than half of this year's respondents said that their organisation's security policies actually address the protection, disclosure and destruction of data.
"We are seeing too much focus on technology," said Beer. "There is also a disconnect between technology, policy and a clear understanding of where the data actually is."
Facebook told by Brussels-based court to stop tracking non-users and to delete all data held on them
Supply chain and manufacturing experience could give Dyson an important edge
New VR Zone Portal arcades open in London and Tunbridge Wells
Systems-on-a-chip with integrated AI features could make voice and facial recognition