Organizations have no shortage of data storage and compute options -- from pure public and private cloud strategies to multi-cloud, hybrid-cloud and on-premise. As more organizations migrate workloads to various forms of cloud deployments and make choices for the sake of speed in innovation, understanding threats to data security in the cloud has never been more important.
Last year, a report from Unit 42 showed that 65% of publicly disclosed cloud security incidents were the result of customer misconfigurations. A lack of experience in configuring cloud infrastructure to ensure data is properly secured is a primary contributor for such incidents, but others persist.
Recently, Unit 42 released a new Cloud Threat Report, expanding on previously cited factors for poor cloud security. The report showed that a key driver for a greater frequency of cloud security incidents is the lack of change management and control in the cloud that is typically seen in data center environments. Inside the data center, multiple approvals are required whereas, in the cloud, such protocols might be relaxed due to the desire to remain relevant and stay ahead of the competition. As organizational decision-makers increasingly prioritize growth and speed of innovation over cost, DevOps teams are feeling pressure to push out applications at a rapid pace and are neglecting basic security protocols.
Research identified 200,000 potential vulnerabilities in infrastructure as code templates and more than 43% of cloud databases went unencrypted. Furthermore, 40% of cloud storage services did not have logging activated.
Here at Markley, we understand the balance between innovation and cloud security. As such, our team of experts works with each customer as individuals, ensuring our services fit exactly what they’re looking for to satisfy both needs.
If you are interested in learning more about Markley’s cloud offerings and the benefits our services can bring to your organization, drop us a line at info@markleygroup.com.
