adrian_ilie825 - Fotolia
Enterprises stand accused of becoming complacent over how at risk they are of data breaches, as they prepare to shift more of their on-premise infrastructure to the cloud.
That’s according to Bitglass’s Threats Below the Surface report. Conducted with help from the CyberEdge Group and the Information Security Community, it features responses from more than 3,000 IT professionals about their attitudes towards cloud security.
The findings suggest few organisations pay the same level of care and attention to securing their cloud systems as they do their on-premise ones.
To back this point, 24% of respondents said they routinely monitor their software (SaaS) and infrastructure as a service (IaaS), and – when asked about their laptops, desktops and network perimeter infrastructure – this figure rose to 60%.
That’s not to say organisations are ignoring the need for cloud security completely, as elsewhere in the report, IaaS and SaaS security were individually cited as top investment priorities by 33% and 31% of respondents respectively.
When asked to share specific details of what they consider their top cloud security concerns to be, 57% of respondents said data leakage, as well as ensuring data privacy (49%), confidentiality (47%) and compliance (36%).
“The cloud security landscape has changed a great deal in the past year, from the threats facing organisations to the security solutions they are using to protect themselves,” said the report.
“One thing is clear: gaps still remain. While many have some means of alerting on potential leaks or unauthorised accesses, few have the ability to identify and remediate threats in real time, and few can secure unmanaged mobile devices.”
Read more about cloud security
- Public sector IT buyers could be duped into paying more than they need for cloud systems because of confusion over the levels of protection required for data they create and process.
- Government Digital Service moves to allay public sector concerns about using off-premise services in a bid to speed up cloud adoption beyond Whitehall.
Even so, the report further suggests organisations are becoming increasingly confident in their ability to secure their SaaS and IaaS deployments, as well as their on-premise apps and endpoints.
This is based on the feedback received elsewhere in the report, which saw respondents asked to rate the security posture of their on-premise systems, cloud applications and infrastructure, as well as their mobile and desktop devices.
“While some still believe cloud to be more vulnerable than premise-based apps and custom web applications, the vast majority agree both are secure relative to mobile,” said the report.
“Across the board, these numbers are up from a year ago, where IT leaders were less convinced of their organisation’s ability to secure SaaS, IaaS, premise-based apps and end points.”