"They're overprovisioning cloud storage," said Elliott. Another facet of the cloud storage issue is that much of the time no deduplication of data is done. About half said they either did "virtually none" or a "small amount." This indicates there's still the need for thinking through cloud-storage processes to optimize the benefits, said Elliott, saying Symantec recommends deduplicating data in the cloud.
Other points of concern revolve around legal issues, such as requests for electronically stored documents that are demanded for what's known as "e-discovery" purposes in court or otherwise. The survey shows that 34% have had e-discovery requests for cloud data in the past 12 months, but of these, 66% admitted they had missed the deadline at some point and 41% said they were simply unable to do it at all and never found the requested information. This could potentially lead to fines or otherwise complicate legal situations for their organizations.
Another issue the survey asked about, managing cloud-based SSL certificates, revealed a mixed bag of activity. About a quarter of the IT managers said they thought it was "easy," but 8% "don't even try." Elliott said he doesn't know if that suggests that some companies simply are better organized to manage SSL certificates overall in the enterprise or the cloud. However, "organizations are responsible for managing their own certificates," he said.
In its recommendations for better use of cloud, Symantec said the first thing is focusing on policies and the individuals who all have a stake to make it work, rather than merely the technologies and platforms.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: firstname.lastname@example.org.