IT Departments Find It Hard to Keep the Cloud Safe

IT Departments Find It Hard to Keep the Cloud Safe

Foto: Fotolia

Intel Security announced its second annual cloud security report, “Building Trust in a Cloudy Sky.” The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications, and the evolving impact of Shadow IT of the more than 2,000 IT professionals surveyed

“The ‘Cloud First’ strategy is now well and truly ensconced into the architecture of many organizations across the world. The desire to move quickly toward cloud computing appears to be on the agenda for most organizations. This year, the average time before respondents thought their IT budgets would be 80 percent cloud-based was 15 months, indicating that Cloud First for many companies is progressing and remains the objective.”, said Raj Samani, EMEA chief technology officer, Intel Security.

Trust in the Cloud on the Rise

The trust and perception of public cloud services continues to improve year over year. Most organizations view cloud services as or more secure than private clouds, and more likely to deliver lower costs of ownership and overall data visibility. Those who trust public clouds now outnumber those who distrust public clouds by more than 2-to-1. Improved trust and perception, as well as increased understanding of the risks by senior management, is encouraging more organizations to store sensitive data in the public cloud. Personal customer information is the most likely type of data to be stored in public clouds, kept there by 62 percent of those surveyed.

Risks Also Rise: Shadow IT and the Cybersecurity Skill Shortage

The ongoing shortage of security skills is continuing to affect cloud deployments. Almost half of the organizations surveyed report the lack of cybersecurity skills has slowed adoption or usage of cloud services, possibly contributing to the increase in Shadow IT activities. Another 36 percent report they are experiencing a scarcity but are continuing with their cloud activities regardless. Only 15 percent of those surveyed state they do not have a skills shortage.

Due to the ease of procurement, almost 40 percent of cloud services are now commissioned without the involvement of IT, and unfortunately, visibility of these Shadow IT services has dropped from about 50 percent last year to just under 47 percent this year. As a result, 65 percent of IT professionals think this phenomenon is interfering with their ability to keep the cloud safe and secure. This is not surprising given the amount of sensitive data now being stored in the public cloud and more than half (52 percent) of respondents reporting they have definitively tracked malware from a cloud SaaS application.

Data Center Progression

The number of organizations using private cloud only has dropped from 51 percent to 24 percent over the past year, while hybrid cloud use has increased from 19 percent to 57 percent. This move to a hybrid private/public cloud architecture requires the data center to evolve to a highly virtualized, cloud-based infrastructure. On average, 52 percent of an organization’s data center servers are virtualized, 80 percent are using containers and most expect to have the conversion to a fully software-defined data center completed within two years.

Recommendations

Attackers will look for the easiest targets, regardless of whether they are public, private or hybrid. Integrated or unified security solutions that provide visibility across all of the organization’s services could be the best defense.
User credentials, especially for administrators, will be the most likely form of attack. Organizations need to ensure they are using authentication best practices, such as distinct passwords, multi-factor authentication and even biometrics where available.
Security technologies such as data loss prevention, encryption and cloud access security brokers (CASBs) remain underutilized. Integrating these tools with an existing security system increases visibility, enables discovery of shadow services, and provides options for automatic protection of sensitive data at rest and in motion throughout any type of environment.
Organizations need to evolve toward a risk management and mitigation approach to information security. They should consider adopting a Cloud First strategy to encourage adoption of cloud services to reduce costs and increase flexibility, and put security operations in a proactive position instead of a reactive one.

More from category

Majority of Internet Users Read Books Daily or at Least Once a Week

Majority of Internet Users Read Books Daily or at Least Once a Week

25 Mar 2017 comment

A 17-country report just released by global market analysts GfK, shows that 30 percent of the international online population read books “every day or most days”. This is lead by China at 36 percent, closely followed by Spain and the UK at 32 percent each.

MENA Region IT Spending to Reach $155.8 Billion in 2017

MENA Region IT Spending to Reach $155.8 Billion in 2017

24 Mar 2017 comment

Middle East and North Africa (MENA) IT spending is projected to reach $155.8 billion in 2017 a 2.4 percent increase from 2016, according to the latest forecast by Gartner. The devices segment will represent nearly 17 percent of total IT spending in 2017.

Versatile Mobile Devices Expected to Grow in 2017

Versatile Mobile Devices Expected to Grow in 2017

24 Mar 2017 comment

Western European personal computing devices (PCDs), including traditional PCs (a combination of desktop, notebook, and workstations) and tablets (slates and detachables), will total 76.4 million shipments in 2017, a 6.1% YoY decline, according to IDC.