NewsOutsourcingSecurity Compliance

Survey: Hong Kong NGOs unprepared for cloud

By Carol Ko 31-May-2012

Dr Robert Ting-yiu Chung, director of HKUPOP
Dr Robert Ting-yiu Chung, director of HKUPOP

Co-sponsored by Microsoft and Hong Kong Council of Social Service, the survey was independently conducted by the Public Opinion Programme at the University of Hong Kong (HKUPOP) on 93 IT and non-IT specialists from local NGOs in April 2012.

Dr Robert Ting-yiu Chung (pictured), director of HKUPOP announced the survey findings at the Microsoft Hong Kong NGO Day 2012. The survey, titled "Local NGOs knowledge on 'cloud solution' and security concerns 2012," was aimed at understanding the current applications of network security in local NGOs, their views and concerns about "cloud solution." Below shows the major survey findings:

Incomprehensive security protection

Close to 50% of surveyed NGOs revealed the lack of comprehensive security protection which included all five core protective measures for servers and applications: anti-virus, regular backup, firewall, physical security and uninterruptable power supply. Of all 93 respondents, 94% have implemented anti-virus and regular backup, and 87% have firewall in place.

On a scale of 0-10, NGOs rated themselves at 6.7 for the sufficiency of security regarding data storage and transfer within their organizations. As for the need to enhance current security work and/or facilities in data storage and transfer, the average rating was 5.8, implying a comparatively low awareness and sense of urgency toward a need upgrade their security systems.

To ensure no data leakage when transferring important or confidential data, 76% of NGOs used "postal or manual delivery". This was followed by 62% which set a password in a file, then transfer by email. Only 20% of the respondents used email built-in security system to transfer data.

Seventy-four percent of the respondents said they did not allow employees to take confidential data such as users' personal data, away from the office by USB or other hardware. As for NGOs that allowed employees to take away confidential data, "encryption" (38%) was the most common security measure adopted, followed by "employees' self-discipline" (13%).

Low cloud-deployment rate

One-third had deployed cloud solutions at present. Among NGOs that were using cloud solutions, "email" (24%) and "file storage/sharing" (17%) were the most common cloud applications. Only five percent maintained member/volunteer databases on the cloud, and just one percent of the respondents maintained their donar database on the cloud.

For non-cloud-adopting NGOs, 31% cited "information security and privacy concerns," and one-fifth cited reservations about the ability to provide appropriate training to employees. 

The respondents were also asked what the most attractive reason for their organization to transfer IT to cloud services was. Forty-five percent cited "improving information sharing," 44% cited "reduced or no capital investment," and 43% cited "reducing the workload of supporting the system." More than one-third acknowledged the benefits of "lower floating and operational expenditure" (39%) and "better information security" (33%).

Seventy percent of the NGOs interviewed said that in the next three years, they would not transfer most of their IT (databases, email or file storage) to the "cloud."

Finally, the respondents were asked what they considered as the most effective methods of encouraging NGOs to adopt cloud solutions. Thirty-five percent cited "allowing IT subsidy for operational expenses," 33% cited "government initiated/subsidized community cloud," and another 24% favored "specific subsidy in supporting the use/ development of 'cloud service.'"

"The survey findings show that many NGOs in Hong Kong do understand the [operational] benefits of cloud computing, but they are very much concerned about data security. In the future, Microsoft will look into what it can do to help them improve in this area," said Winnie Yeung, director, legal and corporate affairs, Microsoft Hong Kong.


Tags:
data security, Hong Kong, Hong Kong Council of Social Service, Microsoft, NGO, North Asia, survey




RELATED ARTICLES
HK manages social service volunteers on cloud
Breast cancer NGO tracks fundraising programs with Salesforce CRM


1 reader's comment

Comments

Submitted by mythjen.trias on 06-Jun-2012.
Given the former territory's knack for working wonders out of resilience or plain versatility, to say cloud management is not yet in it's radar is almost laughable, but the points indicate a surge in that direction. I'd rather point fingers at some Asian governments who're more reluctant to try cloud, much less those computing technologies that were available a decade or so ago. They should wake up to this brand new day.
1 people like this comment