The Cloud is Great, But Not Without Security
Posted on August 01, 2016 by Adam Burnham
New research from Gartner is just another proof point for what many of us in the IT industry have known for years – the cloud is one of the fastest-growing and most disruptive technologies to ever hit the market. And its popularity doesn’t seem to be slowing down any time soon, with $111 billion worth of IT spending predicted to shift to cloud this year, and $216 billion by 2020. With multiple models – public, private and hybrid – the cloud can be many things to many different organizations, from small, agile startups with little cash flow to large, global organizations with million dollar IT budgets.
But as we’ve seen with recent hacks and cybersecurity breaches, every organization holds something of value to attackers, and the cloud has presented a number of interesting challenges for businesses looking to secure their critical information and data. The 2016 Global Cloud Data Study from Ponemon Institute and security firm, Gemalto, reveals:
- 73% of the 3,400 surveyed IT and IT security practitioners said cloud-based services and platforms are important to their organization’s operations; 81% said they would be more important over the next two years.
- However, 54% of respondents do not have a proactive approach to managing security and complying with regulations in cloud environments; and 56% said their organizations are not careful about sharing sensitive information in the cloud with third parties vendors or suppliers.
Why the disconnect? The report finds that many of the security protocols and strategies that were optimized for physical infrastructure simply haven’t been adopted or don’t apply in the cloud. For example, the report maintains that shadow IT – a security challenge that never applied to physical environments – continues to be a roadblock to cloud security. In fact, respondents said almost half of services are not deployed by corporate IT, and 47 percent of that stored data is not controlled by IT. Similarly, conventional security practices have not been apples-to-apples in the cloud and encryption has not become as pervasive in the cloud as it has in other IT infrastructure.
However, your organization’s cloud does not have to remain unsecured. There are ways to improve cloud security, without compromising on the flexibility it brings to employees and everyday work functions. First, it’s important to align data storage and security strategies across all departments, from the C Suite to IT and security teams. Once everyone is on the same page, it will be easier to identify all of the cloud storage services being used across the enterprise, combat and crackdown shadow IT, and implement best-of-breed cloud security solutions such as encryption, multi-factor authentication and one-time-use passwords.
Does your organization struggle with the industry’s rapidly-growing cloud storage solutions and security? If so, drop us a line to see how Markley Group’s services can help. You can also learn more about the challenges of shadow IT and securing your company’s valuable assets in this past Markley Group blog post.