Dec 11, 2018

Nearly half of cloud databases aren't encrypted

Finger pointing at a lock illustration on a tablet

Photo: Jaap Arriens/NurPhoto via Getty Images

Palo Alto Networks published an analysis of corporate cloud security on Tuesday, and some of the results weren't pretty: 49% of cloud databases aren't encrypted.

Why it matters: Any important database should be encrypted. That's not purely a cloud problem. There are inherent security advantages and a few disadvantages to the cloud, but the bottom line is that no matter where you put data, basic security hygiene is still important.

In the same study, Palo Alto found that corporations were failing to meet many industry standards — missing more than half of the CIS AWS Foundations' best practices, around two-thirds of NIST best practices and GDPR requirements, and around 90% of HIPAA and PCI requirements.

  • Forgive the alphabet soup. The point is that companies aren't using a broad range of generally accepted security practices that are in some cases required by law.
Go deeper