My last blog looked at trends in cloud adoption and security revealed by a new survey from LinkedIn’s Information Security Community. This time, I’m covering the steps organisations are taking to mitigate the risks and threats they face. From the report, it was clear that respondents believed traditional approaches were not up to the job: “Most traditional security tools have not been designed for cloud environments and the unique challenges cloud adoption presents,” the report writes. “Survey results confirm that traditional tools work somewhat or not at all for over half of cybersecurity professionals (59%). Only 14% feel that traditional security tools are sufficient to manage security across the cloud.”
Given that “Organizations moving to the cloud are faced with new security challenges that cannot be addressed with traditional security approaches,” the report adds, “Secure clouds cannot exist without the right cloud security expertise.” The paths to stronger security included training and certifying existing IT staff in cloud security (61%), partnering with a managed services provider who can deliver the necessary resources and expertise (45%), and using security software (42%). The most effective cloud security technologies were reported as data encryption (65%), network encryption (57%) and intrusion detection and prevention (48%). Setting and enforcing security policies across clouds was, by far, the most requested capability to increase confidence in public clouds (56%).
And with employee access to private cloud storage considered one of the biggest risk factors in terms of data loss, 42% of respondents said their organisations didn’t allow employees to access private cloud storage services from the company network (36% do permit access). Yet with shadow IT notoriously difficult to identify and deal with, it’s difficult without delving deeper to see how such approaches could be guaranteed and enforced.
As I mentioned last time, these results are in line with our own experiences talking to customers and cloud security partners. And encouragingly, the adoption trends, barriers, security-related concerns and potential solutions covered by the report pretty much align with EveryCloud’s ‘Be Cloud Confident’ approach: from Discovery and Awareness to Compliance, and with continued protection assured by the provision of a cost-effective managed service.