Nearly 70% of enterprise organizations are currently migrating data for enterprise resource planning (ERP) applications to the cloud, according to a Friday report from the Cloud Security Alliance. Almost 90% of those surveyed said these ERP apps—most commonly SAP, Oracle, and Microsoft Dynamics—are business-critical, leading to many migration challenges and concerns, the report found.

Top cloud migration concerns among the 200 managers, executives, and enterprise staff surveyed globally include the moving of sensitive data (65%), security (59%), compliance challenges (54%), disruption of business operations (47%), and time to migrate data (46%).

More than half of respondents said they expect security incidents in the cloud to increase in the next year, according to the report. However, confusion remains over who is accountable for any cloud security breaches. Some 60% of respondents said they believe the cloud service provider is responsible, while 77% said the organization is responsible for securing their ERP applications. Third parties were held least accountable, the report found.

In any cloud migration, regardless of the provider, security must be implemented from the start and implemented in phases throughout the project, » Juan Pablo Perez-Etchegoyen, chair of the CSA ERP Security Working Group and CTO of Onapsis, said in a press release. « Organizations are concerned about moving sensitive data across environments, then addressing the security and compliance implications that come of that migration. Our studies have found that implementing security in each phase of the migration could save customers over five times of their implementation costs. »

Despite the challenges, enterprise professionals still named several benefits to moving ERP applications to the cloud, including scalability with new technologies (65%), lower cost of ownership (61%), and security patching and updating by the provider (49%), the report found.