New Federal Research Reveals Strong Reservations Among IT Professionals About Cloud Data Security

February 6th, 2019

OneLogin and CITE Research Find 75% of Federal IT Leaders Agree Unified Access Management is Path Forward Amid Big Cybersecurity Readiness Divide

SAN FRANCISCO, Calif., February 6, 2019 — Federal agencies are accelerating their migration to the cloud, and today a new study from CITE Research and OneLogin reveals that while 85 percent of federal IT professionals expect their cloud app portfolio to grow, nearly half of the respondents have strong reservations about data security.

That’s the main conclusion from an in-depth survey of 150 professionals published today, which indicates the speed with which federal organizations are moving to the cloud may be coming at the cost of proper cybersecurity measures. With the cyber threat landscape constantly evolving, security has emerged as a top driver for agencies to standardize on cloud apps.

“Federal IT professionals need technology that can help them accelerate their digital transformation, securely and efficiently,” said Justin Calmus, Chief Security Officer at OneLogin. “These research findings reveal a confidence gap and a consequential need for stronger user access security for applications and data stores that are hosted both on-premise and in the cloud.”

Data Loss and Breaches of Paramount Concern, Hybrid Environments are the Norm

The study also found that while 42 percent of federal IT professionals report the cloud is the most secure hosting option, they still worry about malware and unrecoverable data loss from a breach. On average, federal IT teams said they have 51 percent of their apps in the cloud and 49 percent on-premise. Most use less than 50 business apps now but expect that number to grow significantly over the next two years.

Conventional access management tools have forced agencies to adopt separate solutions for their on-premise and cloud app environments. In this enduring hybrid state, 75 percent of those surveyed believe a centralized access management platform would help secure both cloud and on-premise apps. Other notable survey findings include:

  • While most (93 percent) of federal IT pros feel they are prepared to move more heavily to the cloud, nearly half (49%) have data security concerns with the migration.
  • There is a significant split in confidence about cyber defense readiness – 47 percent say they are not fully prepared for a breach and say they lack the necessary amount of staff.
  • 79 percent say malware attacks are the top threat.
  • Civilian agencies worry most about phishing attacks (58 percent) and ransomware (53 percent).
  • For the Department of Defense (DOD) and intelligence agencies, device theft is the top concern.
  • Service outages and downtime weigh heavily on 48 percent of federal IT pros.

OneLogin Now FedRAMP Ready

In response to growing federal demand for cloud security solutions, OneLogin announced that it has achieved FedRAMP Ready status on the marketplace. This milestone represents the initial stage of the FedRAMP authorization process, the U.S. government-wide program that provides a standardized approach to enabling agencies to rapidly adopt secure and cost-effective cloud-based IT. This extends OneLogin’s ability to provide Unified Access Management to U.S. federal agencies as they accelerate the process of moving their increasing number of business applications and assets to the cloud. The press release can be found here.

About OneLogin

OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries, with over 5500 customers worldwide. We are headquartered in San Francisco, California. For more information, visit, Blog, Facebook, Twitter, or LinkedIn.

Secure all your apps, users, and devices