For three in four IT security professionals, bring your own device (BYOD) is one of the “greatest inhibitors to effective cloud security”.
That’s the result from a new report by AccelOps. Talking to 176 IT security personnel, the results put BYOD ahead of data control and data loss – traditional topics for cloud security worriers – as the main security threat.
Other cloud security pain points according to the research included enforcing security policies, compliance reporting and employee training; yet given data breaches and data loss were the top two security threats released by the Cloud Security Alliance (CSA) last month, this may be something of a surprise.
Research in January from ISC2 explicitly linked cloud computing and personal device policies, with the key takeaway being that companies who support BYOD make their employees happier, whilst at the same time they need to top up their cloud security knowledge. The same survey showed 78% of security professionals saw BYOD as a “somewhat or very significant risk”.
Earlier this month the Information Commissioner’s Office (ICO) advised that data transfer between companies who have a BYOD policy should be encrypted at all times, whilst advocating that public cloud-based sharing which hasn’t been fully approved be used with “extreme caution, if at all”.
The research also showed that comparatively few companies were over the moon with how their service provider was performing, yet only 8% noted dissatisfaction with its SLA.
Just over one in ten (11%) respondents said they were ‘extremely satisfied’, with the majority of respondents either being ‘moderately satisfied’ (40%) or ‘neither satisfied nor dissatisfied’ (41%).
One of the most interesting takeaways related to the amount of mission critical applications companies currently have in the cloud. According to the AccelOps survey, 65% of respondents were using the cloud; 19% private, 17% public and 29% using a hybrid cloud.
Back in December, SailPoint published UK/US research which claimed that only one in three mission critical apps were in the cloud, with that number expected to rise to one in two by 2015. ‘Mission critical’, in the case of the SailPoint study, related to apps concerning file sharing, storage and communications,
“Increasingly, consumer-oriented services and applications such as Evernote or Dropbox that are hosted on both enterprise desktops and mobile devices represent a vulnerability to corporate data that hackers are exploiting to get access to sensitive information,” AccelOps noted.
“Next-generation monitoring tools are needed to track user and mobile device activity, quickly remedy security breaches and manage impacts to business application performance.”
Can BYOD and the cloud live happily ever after? Let us know in the comments…