70% Of Healthcare Organizations Lack The Resources To Properly Secure Data In The Cloud
By Ilia Sotnikov, Netwrix
Gartner predicts that by 2022, more than 30 percent of hospital data centers will be based in the cloud. The healthcare sector has traditionally been skeptical about the cloud, but Gartner says that budget pressures and the need to reduce capital expenditure are changing that mindset. Healthcare organizations that migrate their data and services to the cloud must take extra measures to manage and secure those assets effectively.
Details on what data organizations store in the cloud and what challenges they typically face can be found in the recently released 2019 Cloud Data Security Report. One key finding was that the most common reason that healthcare organizations plan to move more of their assets to the cloud is to cut costs (38 percent). However, these organizations often fail to ensure security of this data. In fact, they are not ready to invest substantial resources in cloud security and prefer to follow the same data protection strategy that they use for their on-premises environments, neglecting the reality that the cloud requires a different approach.
Several factors make healthcare organizations struggle with cloud security:
- They Store Large Volumes Of Data In The Cloud.
About 32 percent of healthcare organizations store all their sensitive data in the cloud. Among these organizations, 74 percent store healthcare data, 74 percent store employee data and 68 percent store customer data there. Unfortunately, not all organizations are able to ensure security of the data they move to the cloud; in fact, about a quarter of healthcare providers said that they had at least one security incident in the cloud during the past 12 months. These organizations have two things in common: None of them classified all the data they stored in the cloud, and all of them store all their sensitive data in the cloud.
- They Lack The Budget To Ensure The Security Of Sensitive Data.
The majority of IT teams at healthcare organizations might not have enough resources to protect sensitive data properly, as 85 percent of them did not see an increase in their cloud security budgets in 2019. Moreover, one third of them did not receive any financial support for cloud security initiatives from their management in 2019, which makes data security even more challenging.
It is no surprise that security concerns and high costs can lead some organizations take the radical step of moving their data back on premises. Overall 18 percent of healthcare organizations say that they are ready to do so; they say they will start by migrating healthcare data (33 percent), customer data (33 percent) and employee data (11 percent).
Despite these challenges, healthcare organizations are generally positive about cloud migration. The number that are ready to adopt a cloud-first strategy has more than doubled since 2018: 54 percent now say they have either implemented a cloud-first strategy or are ready to do so. The number that plan to move all their data, applications and processes to the cloud in the next five years also has grown, from 22 percent in 2018 to 34 percent in 2019.
As a result, healthcare organizations need to find a way to overcome the challenges they face and ensure the security and privacy of their critical data even though their budgets are tight. The key is being able to prioritize your security efforts. If you know exactly what data you have in the cloud and are able to classify it according to its level of sensitivity, you are in a better position to choose appropriate security controls within your budgetary constraints and protect your data in the most effective manner.
About The Author
Ilia Sotnikov is vice president of product management for Netwrix, a provider of information security and governance software.