On average, U.S. companies have moved one-quarter of all their business functions and services to the cloud, with more to come. But one question remains: Just how secure is the cloud?
With the most popular applications going to the cloud being e-commerce (41 percent), closely followed by email (39 percent) and storage (30 percent), a new survey found IT managers have security concerns, but they are waning a bit.
There’s a security gap in the cloud era — or at least a perceived security gap, according to the survey from AccelOps. The survey asked 176 IT security professionals about their security practices during the RSA Conference 2013.
While 65 percent of organizations are using cloud services, only 46 percent have moved mission-critical applications and data outside the enterprise, due to cloud security concerns. Thirty-nine percent believe their existing security information and event monitoring tools are not acceptable to support their cloud security and regulatory compliance requirements.
“It’s a sad indictment of the security industry that, in such a well-established market as SIEM and performance monitoring, 39 percent of those surveyed indicated they could not rely on their existing SIEM and monitoring solutions to ensure cloud security and compliance,” said Flint Brenton, president and chief executive of AccelOps, which offers SIEM products. “There is much work to be done to ensure that security threats and the risk of data loss associated with cloud environments are minimized.”
The “bring your own device” trend, data control and potential data loss top the cloud security concerns, closely followed by enforcing security policies and ensuring visibility across traditional and cloud infrastructures.
The survey also shows the responsibility for cloud security remains overwhelmingly with the internal IT staff at 78 percent, and only 13 percent of those surveyed hold their Managed Service Providers (MSPs) responsible for cloud security.
“The promise of cloud computing is to improve agility and deliver greater efficiencies and cost savings,” Brenton said. “However, unless risk can be managed and data secured effectively, organizations will not fully benefit from the advantages of the cloud.”
Cloud security firm SilverSky recently conducted a cloud adoption study. The survey found that 97 percent of security executives said their confidence level in the cloud has either increased or stayed the same in the past 12 months.