Getting smart about cloud security
Despite security concerns among IT staff, frontline workers have fewer reservations, and many are already incorporating cloud tools into their daily workflows.
Security fears continue to stall cloud adoption at the enterprise level, but workers are embracing cloud solutions regardless of IT fears. According to a recent Dark Reading feature, companies need to give their employees secure options in the cloud or face rogue adoption of services that could threaten the entire organization.
IT staff can no longer ignore their colleagues’ demand for the cloud as consumer services such as Dropbox, Google Drive, Apple’s iCloud and Microsoft’s SkyDrive prove their worth as business utilities and become more popular. Employees are increasingly familiar with the cloud, and they want to leverage its power for legitimate operational advantages. Nonetheless, many organizations have been hesitant to use the cloud due to data protection concerns. A recent survey from CipherCloud found that 66 percent of organizations had had a cloud adoption project stopped or delayed due to security concerns.
As cloud security remains an issue, enterprises may need to ask how they can respond to these concerns rather than stonewalling implementation and risking rogue adoption of unsanctioned services.
Security concerns plague adoption
An August 2012 InformationWeek survey of IT professionals found that 48 percent of those who refused to use the cloud in their organization cited security as the primary reason. The recent CipherCloud survey reinforced these findings, with 66 percent of IT professionals indicating concern over data security in the cloud. Data leakage stood out as a specific fear, with 52 percent classifying it as a primary threat. In the InformationWeek survey, 55 percent of respondents cited fears of a leak of proprietary information, while 45 percent were worried about security defects that could be lurking at the infrastructure level.
Despite these concerns among IT staff, frontline workers have fewer reservations, and many are already incorporating cloud tools into their daily workflows. This approach can create an even bigger security headache, experts told Dark Reading.
"There is no way that you can be totally sure that people [aren’t] putting enterprise data somewhere where they shouldn't," Dimitri Volkmann, vice president of product strategy for enterprise technology provider Good Technology, told the publication. "It's an illusion to think it's possible."
Embracing the cloud, securely
The consumer demand for cloud services is clear, and studies have shown that business executives are getting on board as well. Two-thirds of best-in-class companies use secure file-sharing, according to a study from Aberdeen Group. By comparison, just one-third of “laggards” use the technology.
"The evidence is that the top performers continue to address the need to share data through secure, reliable and well-managed commercial solutions, while all others, perhaps overwhelmed (by complexity) may be losing control of their policies and processes in this area," Aberdeen vice president and IT research fellow Derek Brink wrote in the report.
Although compliance credentials and security controls will be top concerns when IT leaders are deciding on a new cloud-based solution, the end user experience is all-important. If the company-approved application is not as capable and intuitive as the consumer-focused alternative it is designed to replace, manager efforts could be all for naught as they struggle to garner employee buy-in and secure strong adoption rates.
Adopting a secure file-sharing solution such as Accellion or WatchDox is one of the best tools IT departments have to discourage users from heading back to familiar consumer applications that lack the controls IT would like to have. It may also be important to consider the possibility that current tools do not offer the both the controls IT staff want and the functionality users expect. Using cloud applications may require a risk management approach as much as a risk prevention approach, and IT staff should assess what strategy and cloud security tools work best for their organization.
Cloud Security News from SimplySecurity.com by Trend Micro
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Twitter now offers two-factor authentication
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet