Although cloud services provide undeniable benefits, the fact remains that many IT professionals are still apprehensive about security. A recent study conducted by Crowd Research Partners discovered concerns about specific issues related to cloud security. Citing the fact that traditional tools are handicapped or simply don’t work in a cloud deployment, along with other barriers, professionals are befuddled on how to adequately protect cloud-based services in the expanding complexity of the network infrastructure.
According to the 2,200 global security professionals surveyed, the major drawbacks to increased cloud adoption were listed as:
- Security risks (33%)
- Lack of qualified personnel (28%)
- Integration issues with existing IT environments (27%)
Of these issues, the survey found that the “single biggest threat to cloud security was the misuse of employee credentials and improper access controls.” Hijacking of accounts and insecure interfaces came in close behind. Since only a little over half of organizations are using Active Directory (AD) to authenticate and authorize access to cloud applications, the reason for the dissatisfaction is plain.
Additional Cloud Security Challenges
Over 80% of the community shared the following views of traditional security tools:
- They have limited functionality for cloud security (48%)
- They can’t be measured for effectiveness (25%)
- They simply don’t work in the cloud (11%)
These statistics illuminate the lack of knowledge available, since there are cloud security tools out there that can achieve compliance and limit data leakage risks.
Although tools are very important, another problem that plagues cyber security is the lack of qualified security experts. There isn’t a huge amount of professionals in the field of security to choose from, so companies are focusing on in-house training or considering managed service providers with specialists on staff.
- 61% of organizations are planning to train and certify existing staff
- 45% partner with an MSP (managed service provider)
- 42% are deploying additional security software for both data and application protections
Because of the shift in the infrastructure landscape with more and more businesses running more than one cloud service within the organization, problems arise when trying to establish visibility across the environment. Security professionals must now operate in mixed environments that include Amazon Web Service (AWS), Azure, and other in-house infrastructure.
Without complete visibility, ensuring compliance becomes extremely difficult. 37% of respondents cite visibility and 36% name compliance as a major cloud issue. In addition to these problems, individuals surveyed indicated that the challenge of developing consistent policies coupled with difficulties in reporting and remediating cyber security threats in the cloud was another source of vexation.
To adequately address cloud security concerns, a comprehensive approach is required. Since the benefits of the cloud deliver measurable improvements, the key to maintaining security for companies is to deploy custom solutions that address specific needs.