With damaging, high profile data breaches continuing to dominate the news, from the breach of the CIA director’s email account to the vulnerabilities found in the websites of prospective Presidential candidates, consumers are growing wary that the cloud-based applications they use every day may also be vulnerable to hacking.
Radware, a global trailblazer in application delivery and security, recently released the report, Mobile Application Security: Consumer Perspectives and Organizational Implications. Radware commissioned Harris Poll to conduct the survey online among more than 2,000 US adult consumers in September on their opinions of cloud-based apps and services and their usage.
The report revealed the average consumer with a smart phone has more than 25 applications on their device and spends 2-3 hours of time on these devices. However, many consumers are unaware they use applications that reside in the cloud, with 67 percent of Americans stating they do not currently use cloud-based applications.
According to the report, 1 in 3 Americans currently use cloud-based applications, and more than half of the respondents do not believe these apps are keeping their personal data secure.
Popular cloud-based applications include Amazon Web Services, Dropbox, Evernote, Google Mail and other mobile email applications. Fitness apps were the most widely used of cloud-based applications, followed by food ordering services (10 percent), financial service and transportation applications (8 percent) and healthcare applications (7 percent).
Of the 33 percent of consumers using cloud-based apps, 87 percent believe their data could become vulnerable to hacking. Furthermore, 58 percent of users believe their individual data contained within applications is at risk. Nine percent having already experienced their personal data being put at-risk from a hack.
“Data breaches and hacks are not only on the rise, they are becoming commonplace,” said Ben Desjardins, director of security solutions marketing at Radware. “At the same time, cloud-based apps are booming, offering convenient ways to expedite and simplify daily needs from ordering a meal to requesting a car with the tap of a finger. Consumers by and large don’t understand the cloud-based nature of what’s behind the tap, and so companies trying to engage with customers through these apps will bear the burden of education and remediation in the event of a data breach.”
Consumers have high expectations for the security of cloud-based services. More than half of the respondents said they would terminate services if the application’s security became compromised. Moreover, 85 percent of Americans expect the companies behind these cloud-based apps/services to provide compensation or identity protection to those affected for any loss or damages associated with a hack.
Consumer concern over the vulnerability of cloud-based applications is warranted. Homeland Security Today previously reported that a survey by Riverbed Technology earlier this year revealed federal agencies in particular have a difficult time detecting and fixing application issues due to a lack of resources. The survey respondents stated delays in detecting and fixing application performance issues result in lost productivity, wasted taxpayer dollars, low workforce morale and cybersecurity risk.
“Agencies are moving toward location-independent IT environments, but they haven’t prepared for what happens when they reach their destination,” said Sean Applegate, director of technology strategies and advanced solutions at Riverbed. “This is creating a network visibility crisis that will significantly impact application performance if it’s not addressed.”
In response, Radware believes organizations currently using or considering consumer applications can protect themselves and their customers by factoring 3 important points into planning:
- Consumers continue to adopt: By and large consumers don’t hesitate to adopt new applications that bring ease and convenience into their lives.
- Make it secure: The general concerns and the potential for customer loss are significant enough that organizations need to ensure there is a solid plan for managing the security of applications and customer data. Often, function takes precedence over security and consumers are increasingly frustrated with the lack of security measures in place in many applications.
- Compensation please: Consumers expect companies to compensate them in a meaningful way if breached, or, more specifically, if they are individually impacted. Organizations need to proactively consider what steps they would take to remediate any security issues that occur and adopt compensation and protection models currently in use by other industries.
“Organizations need to make sure that they communicate with users regarding their security measures as well as the remedies they have in place in the unfortunate event that their systems become compromised,” the report stated. “Having the technology in place to prevent and/or mitigate a hack is just as important as having a contingency plan in case security is breached.”
“As more and more cloud-based apps are deployed, consumers will continue to raise these concerns and security may be one of the critical factors that helps an organization attract and keep a loyal customer base,” Radware concluded.