New survey data revealed by the SANS Institute shows more issues cloud providers face in keeping their customers happy, with a lack of visibility into operations the biggest bugbear for clients.
The report, entitled ‘Orchestrating Security in the Cloud’, spoke to 485 IT professionals and found lack of visibility was cited by 48% of respondents as a problem. A lack of virtual machine and workload visibility was selected by 46% of those polled, while vulnerabilities introduced by the vendor which resulted in a breach were a pain point for 26% of respondents.
One in three respondents (33%) say they do not have enough visibility into their cloud providers’ operations, while 40% admit unauthorised access to sensitive data from other tenants is a major concern with public cloud deployments. For the public cloud, denial of service is the biggest threat (36%), compared to malware for private cloud (33%).
Not altogether unsurprisingly, the research also found hybrid cloud architectures were the way to go forward for most respondents. 40% of those polled are currently using them, while 43% plan to move towards a hybrid architecture in the coming 12 months. Only 12% of organisations say they use public cloud.
For CloudPassage, who sponsored the study, it reinforces what the company already suspected; trying to increase speed of elastic infrastructure while maintaining security is a tough balancing act. SANS analyst Dave Shackleford, who authored the report, noted: “Although most organisations have not experienced a breach in the cloud, security teams are concerned about illicit account and data access, maintaining compliance and integrating with on-premise security controls.
“Visibility into cloud environments remains a challenge, as does implementing cloud-focused incident response and pen testing processes,” he added.
This is not the first piece of research which argues cloud providers are not doing enough to satisfy their customers. A report from iland and Forrester Research, published in June, argued the key to vendors building better relationships with their clients is to release metadata exposing performance, security and cost. One in three survey respondents agreed with the statement ‘my provider charges me for every little question or incident’, while 45% resonated with ‘if I were a bigger customer, my cloud provider would care more about my success.’