Security Forecast: Cloudy with Low Data Visibility

  /     /     /  
Publicated : 22/11/2024   Category : security


Security Forecast: Cloudy with Low Data Visibility


Businesses are moving more sensitive data to the cloud but struggle to monitor and manage it once its there.



A need for greater flexibility, speed, and convenience is driving more businesses to the cloud. Less than 25% had their applications, data, and infrastructure in the cloud two years ago but 44% have them cloud-based today, and 65% will be cloud-based two years from now.
The data comes from a
study
by Google Cloud and the MIT SMR Custom Studio. Researchers polled more than 500 IT decision-makers and found security is also a key driver of cloud adoption: 44% of respondents moved to the cloud because of their increased confidence in security. Overall, 74% of participants are more confident in cloud security.
In Dark Readings upcoming 2017 Cloud Security Survey, 62% of IT leaders report moderate to heavy usage of cloud services and applications. Thirty-six believe the cloud is, or eventually will be, more secure than their on-premises IT environments. Twenty percent say they are moving more data to the cloud, partly because of its strong security capabilities.
A Change in Perspective
It used to be that security was one of the things holding organizations back from the cloud, says Rob Sadowski, trust and security marketing lead for Google Cloud. What were starting to see, and what we saw in the research, is the script is almost flipping.
While Sadowski admits the confidence is partly due to improved documentation, he says two-thirds of respondents attribute their confidence to direct experience in the cloud. The top most consistent two reasons for moving to the cloud include increased flexibility in business processes and vendor choices, and the ability to integrate with new tools and platforms.
For many, the transition is gradual. Many businesses start out by doing some of their test and development work in the cloud, says Sadowski. They learn how to build new applications in the cloud. Once they achieve a certain level of comfort, they think about other workloads.
It could be bulk storage, file sync-and-share or collaboration, or sharing data and collaborating, he says. As you work with more organizations that are distributed around the country and around the globe, having that data in the cloud enhances their productivity.
Over the past 5 to 10 years, the amount of data organizations generate is exploding, Sadowski continues. After they feel comfortable with testing and development in the cloud, businesses move more important data to understand its growth, apply analytics, and gain insight.
But what happens to all of that data once its moved to the cloud? Many arent so sure, and poor visibility could be putting their data at risk.
Data Visibility Remains a Challenge
The confidence boost doesnt mean the cloud is completely secure, or that all companies are fully on board. In Googles study, 63% of respondents who chose not to move data to the cloud cited security concerns. A survey by Threat Stack and Enterprise Strategy group found 31% of respondents are unable to maintain security as cloud and container environments grow, and 62% are seeking greater visibility into public cloud workloads.
It is a concern for organizations, says Sadowski of visibility, which is a challenge as personally identifiable information and healthcare records move to the cloud. Businesses may be responsible for disclosing the movement of data to the cloud because sensitive data types are often regulated.
Participants in a new SANS
survey
say they lack visibility, auditability, and controls to actually monitor everything in their public clouds. More than half (55%) say they are hindered from doing adequate forensic and incident response activities because they cant access logs, or underlying system and application details, in cloud environments.
One-third of Dark Readings cloud survey respondents say visibility is a mixed bag and they have good visibility in some areas but none in others. One-quarter say they have good visibility overall with a few blind spots; 11% say most of our data is invisible to us.
Sadowski advises looking into auditability tools to have greater visibility into who is accessing data and what they are doing with it. This would let you set audit and edit permissions to ensure activity aligns with corporate policies, as well as query the data and make sense of it.
He also emphasizes the importance of encryption to directly protect data. Encryption is highlighted by many as something they care about, but its a difficult solution to implement in a lot of cases, Sadowski notes.
Nearly 80 of Googles respondents said it was somewhat or very important to manage the strength of their encryption, or manage the encryption process itself. However, whether the company or cloud provider controls the encryption keys is a really big bone of contention, says Michael Fuller, associate principal at consultancy The Hackett Group, in the report.
Related Content:
Windows 10 Update: 10 Key New Security Features
10 Major Cloud Storage Security Slip-Ups (So Far) this Year
Getting the Most Out of Cyber Threat Intelligence
One-Third of Businesses Cant Keep Up with Cloud Security
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity
agenda here
.

Last News

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security Forecast: Cloudy with Low Data Visibility