Cloud security continues to raise questions
Cloud security continues to raise questions.
Since its beginning, cloud computing has often been recognized as a paradox, giving businesses the ability to enhance mobility, agility and overall productivity at the cost of inherently weakened IT security capabilities. While this isn't necessarily always the case with the cloud, it is widely perceived that without additional protection, mission-critical applications and data in the virtual environments are more susceptible to exposure.
There have been studies that suggest both sides of the contradiction, increasing the complexity associated with the technology even more by confusing decision-makers about the ultimate capabilities of the cloud.
These findings were echoed in a recent study conducted by Taneja Group and InfoStor, which polled approximately 150 IT respondents throughout the United States. The survey found that only 29 percent of respondents deployed data protection tools in the cloud after migrating applications and information to the hosted environment. This suggests that the overwhelming majority did not implement any additional security tools to safeguard sensitive files and put a large amount of trust in the vendor's capabilities.
On a more positive note, approximately 58 percent of survey respondents are planning to add more data security applications to the cloud within the next two years, InfoStor said.
The survey revealed that there are lingering concerns associated with cloud storage, as 55 percent of respondents said security was their main issue. Other problems included the availability of mission-critical data and how accessible information would be when the cloud experienced an outage.
"The startling variety of these objections should give cloud vendors pause," InfoStor said. "Granted, they represent an opportunity but so many of the marketing pieces we see and hear simply do not address any of these concerns. They are the sizzle and not the steak."
InfoStor also noted that 47 percent of respondents ranked meeting regulatory compliance standards as a concern, while 56 percent of IT decision-makers cited satisfying internal IT policies as a worry.
The need to achieve compliance is especially important for businesses today, as the IT landscape is constantly shifting and creating new challenges for businesses. However, a separate report by PricewaterhouseCoopers (PwC) found that meeting regulatory requirements is not occurring as often as it should.
"Technology is still not enabling governance, risk and compliance the way it could," PwC advisory practice principal Sally Bernstein said. "Many companies are still not leveraging for efficiencies. Even worse is that at the same time, technology – social media and the explosion of data and devices – is making compliance more complex."
Cloud computing is being adopted on a global scale and if companies want to leverage the technology effectively to lower IT costs and enhance mobility, decision-makers need to have confidence in the cloud's ability to safeguard sensitive information and applications. Unfortunately, the cloud often has unforeseen data security challenges that IT managers are unprepared for to deal with.
An SC Magazine report by SkyDox CTO Barrie Hadfield said the cloud enabled consumer-grade services to enter the business landscape with only minor resistance. As adoption of the cloud grew rapidly throughout the enterprise, more decision-makers were facing vulnerabilities they were unaware even existed.
"An unfortunate casualty of this mindset has been security, which, if taken into consideration at all, has been relegated to a distant afterthought among consumers drawn to cool designs and intuitive functionality," Hadfield asserted.
As companies around the world continue to adopt cloud computing, it is important for decision-makers to leverage high-quality data protection tools capable of keeping intruders out and sensitive information in.
Cloud Security News from SimplySecurity.com by Trend Micro
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet