Look closer to home for the biggest cloud security issue, SME execs told
Picture credit: iStockPhoto
The biggest threat to cloud security among IT is the company’s employees unintentionally exposing data, according to the latest research figures from CloudEntr.
The study, which took 438 survey responses from industries including financial and manufacturing, found three quarters (75%) of smaller businesses are most worried about their workforce when it comes to securing data in the cloud. Larger IT firms were more concerned about hackers using employee credentials to get their hands on data.
Not surprisingly, regulated institutions were more concerned about cloud compliance than non-regulated, but 75% also said their biggest tool in becoming more secure was employee education.
It’s not just employee education, but shadow IT which continues to be a problem. 29% of those polled said they had no plans to use the cloud in their organisations, but of that number, nearly half of IT pros said they knew of employees who were using it.
The vast majority (89%) of IT pros questioned said they were concerned with cloud security, and security (63%) was more important than convenience in a cloud solution.
There have been various vulnerabilities and outages in recent days, from Docker’s vulnerability recorded earlier this week, to Microsoft Azure’s downtime from a bug which slipped the testing process. Dejan Lukan, writing for CloudTech earlier this week, noted data breaches and data loss as some of the most serious threats to organisations, as well as a lack of understanding.
“Enterprises are adopting cloud services in everyday operations, but it’s often the case they don’t really understand what they are getting into,” he wrote.
“When moving to the cloud there are different aspects we need to address. If the [cloud service provider] doesn’t provide additional backup of the data, but the customer expects it, who will be responsible when the hard drive fails? The customer will blame the CSP, but in reality it’s the customer’s fault, since they didn’t familiarise themselves enough with the cloud service operations.”
The IT pros surveyed by CloudEntr are making it their prerogative to change this. 89% of respondents who have been impacted by security breaches say they planned primarily to educate their employees in the next year.
What do you make of this data? Are you worried about what your workforce is doing in the cloud?
Interested in hearing industry leaders discuss subjects like this and sharing their Cyber Security & Cloud use-cases? Attend the Cyber Security & Cloud Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.
- » Realising the impact of unsecured container deployments: A guide
- » Five key takeaways from RSA Conference 2020: Cloud SIEM, Zero Trust, API-based security, and more
- » How AI is bringing a new dimension to software testing
- » Marriott reported another data breach: Why cyber risk assessment is important
- » How cloud providers are changing the outlook for IoT data and analytics management