Small businesses continue to put security as their main priority when selecting a cloud storage provider, yet many continue to risk their security by choosing free solutions, according to a new survey from analyst firm Clutch.

According to the survey, which polled almost 300 small and medium businesses who use at least one cloud storage platform, 25% of respondents admit they use a free cloud storage product, compared to 71% who said their organisations pay for cloud storage.

More than half (57%) of those who are using free cloud storage say they are putting backup and archived files in those depositories, compared to 66% of all respondents. More than a quarter (28%) are putting company financial records in their free storage, along with medical data (14%) and customer banking information (11%).

The report, which also collated various responses from industry players and experts, came to the conclusion that the weakest link in the cloud storage chain was the user.

“My data isn’t suddenly secure just because I put it in the cloud,”

said Mark Estes, regional director of sales at Qubole.

“There’s a lot of things you do. The cloud enables the security of data as long as you do things correctly.”

Riley Panko, marketing analyst at Clutch, told CloudTech that there is an element of ‘ignorance towards the reality of cloud storage and security’ in businesses.

“They feel confident that their data is safe – until it isn’t,”

she said.

“Thus it’s a matter of making sure that you educate your employees in a realistic manner. Every employee should understand the consequences of a data breach of sensitive information.”

The study, titled ‘Cloud Storage and Security: The Rundown’, focused more in-depth on cloud adoption, security, and regulations compared to the previous year’s edition. Panko added:

“It’s clear to see that hesitations towards adopting cloud storage are falling away as faith in its security builds. However, this security is only present if employees act accordingly.”

Elsewhere, 53% of respondents say it is important to follow the ICO regulations, with 30% citing HIPAA and 27% citing PCI. Writing for this publication in July, Frank Krieger, director of compliance at iland, argued organisations need to “care a great deal” about ISO compliance in the cloud.

You can read the full study here.