Organisations are aggressively adopting cloud – but can’t find the right security roadmap
90% of users polled in the LinkedIn Information Security group claim they are either very or moderately concerned about public cloud security.
The survey, sponsored by CloudPassage, aimed to give a comprehensive examination of current security mindsets from a more than 250,000 respondent base with a broad section of company sizes, experience and cloud mindset.
Here are the key stats:
- 71% of respondents are either in planning stages, actively implementing or in production with cloud environments. Hybrid cloud deployments are most common with 7 out of 10 respondents using both private and public clouds in their organisation – 71% hybrid, 17% private cloud, 12% public cloud
- Cloud adoption barriers are general security concerns (45%), data loss and leakage risks (41%), loss of control (31%), legal and regulatory compliance (29%), and integration with existing IT environment (29%)
- The biggest security threats in public clouds are unauthorised access (63%), hijacking of accounts (61%) and malicious insiders (43%), while the key factors for cloud security were consistent security with other IT infrastructure (60%), continuous protection (58%), and affordability (26%). 7% of respondents said there were no new security resources required
The most popular cloud workloads according to the respondents were storage (45%), computing (42%), business apps (40%), virtualisation (33%) and networking (33%). Email (45%) is the most frequently stored corporate information in the cloud, followed by sales and marketing data (42%), intellectual property (38%) and customer data (31%).
When asked how they were going to plan their security needs when moving to the cloud, partnering with an MSP who will provide the resources (34%) was the most popular. Using security software from independent software vendors, and adding security staff dedicated to cloud was also popular.
The overall effect is an interesting one, particularly given the security outlook of the respondents, and the security worries they face. “This cloud survey represents a first glimpse into exactly what types of concerns are keeping security professionals up at night,” said Holger Schulze, the founder of the Information Security LinkedIn group in a statement.
“It’s clear from the survey results that a vast majority of organisations are investing aggressively in cloud computing technologies, while at the same time, have not figured out the complete security model to give them continuous, consistent protection in these environments.”
- » Organisations struggling with sensitive cloud data as they shun security-first approach
- » Best security practices for migrating to the cloud: A guide
- » Eradicate human error and make your cloud implementation a picnic
- » Puppet’s 2019 State of DevOps report: How security needs to fit into continuous delivery
- » Kubernetes and multi-cloud: How to monitor your modern applications effectively