Planning a Switch to Public Cloud Services? Rethink Your Strategy
According to a recent Cloud Security Spotlight research conducted by the data security company Bitglass, the security risk of hosting services on a public cloud still remains 30% higher than doing the same using on-premises apps.
With this level of risk, security concerns still remain the biggest obstacle to the adoption of public cloud computing services.
In their survey, the Campbell, California-based company used upwards of 1,000 IT and IT security practitioners to make an assessment of the state of cloud computing in the enterprise. A third of the respondents reported experiencing more incidences of security breaches when using the public cloud than when using on-premises apps. In addition, 90% expressed various security concerns with the public cloud.
The findings of this study also revealed other interesting facts. For instance, companies are more fearful of their employees misusing their privilege of access control than they are of both hacking and malware. In addition, Microsoft has been making massive gains in the enterprise on the marketplace while at the same time moving ahead of Google as an email service provider, as well as challenging the current position of Salesforce as the market leader in cloud computing services.
Insecurity in cloud computing services
According to the CEO of Bitglass, Nat Kausik, over 70% of organizations today are either making plans to move to the cloud or are actively implementing cloud computing environments, notwithstanding the inherent risks involved. At the same time, the said organizations are making conclusions that SaaS apps are not fully secure, making the widespread adoption of such technologies slow down. This underscores why the report is filled with contradicting findings, something which clearly explains the love-hate relationship between the industry and the cloud.
For instance, around 36% of the participants termed even the leading cloud apps like Office 365 and Salesforce as less secure than on-premises ones.
Almost half (45%) of respondents put security at the top of their biggest concerns, with data loss and leakage, and loss of control following closely at 41% and 31% respectively.
Despite all that, the cloud still holds a lot of data for many organizations and individuals, storing email data (45%), sales and marketing (42%), intellectual property (38%) and customer data (31%).
Cloud Safety Measures
The biggest security challenges are internal. They include improper access control (including unauthorized access) that accounts for up to 63%, hijacking of accounts (61%) and malicious attacks perpetrated by insiders (43%). Concerns such as malware or other direct attacks perpetrated against the cloud service provider come far lower on this list, similar to insecure interfaces and/or APIs.
For the protection of their data on the cloud, many enterprises fundamentally rely on the enforcement of consistent cloud computing security policies and encryption of data. But they also make use of access control (48%), intrusion detection and prevention (IDP) (48%) as well as security training and awareness (45%). Despite all these challenges, cloud computing appears to be paying off for the enterprises.
The main factors leading people to adopt the cloud, as the respondents revealed, are availability, flexibility and lower costs.
Findings of this survey dovetail with several other research studies that have been conducted over the past year. For example, Metalogix recently released their Insider Threat Index (ITI), which gives an insight into SharePoint managers’ content security based on 9 metrics.
Image credit: FutUndBeidl (Flickr)