In July Gartner released a report titled, “Clouds Are Secure: Are You Using Them Securely?” that argued that CIOs and CISOs should stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly and reliably take advantage of the benefits of this ubiquitous computing model.
Gartner examined the following challenges in the recent report:
- Naive beliefs that cloud providers are totally responsible for their clients’ security discourage organizations from ensuring their employees use cloud services appropriately.
- Some organizations, especially outside the U.S., are paying an opportunity cost by allowing unwarranted fears about security to inhibit their use of public cloud services.
- Disproportionate attention to the cloud service providers’ (CSPs’) security posture has negatively impacted security by distracting attention away from the establishment of organizational cloud control processes.
- Organizations that haven’t taken a strategic and carefully governed approach to the use of cloud computing can easily use it in a manner that is less secure than traditional computing, resulting in unnecessary compliance incidents and data losses.
- Cut through your organizational cloud preconceptions, and encourage cloud decisions based on business requirements.
- Develop an enterprise public cloud strategy, including security guidance on acceptable uses for infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS).
- Implement and enforce policies on usage responsibility and cloud risk acceptance processes.
- Follow a life cycle governance approach that emphasizes the ongoing operational control of your public cloud use.
To overcome challenges and capitalize on the current opportunities, it’s imperative for company leaders to seek out and partner with managed cloud security services providers that can assuage their concerns. The right vendor will have years of experience providing comprehensive security solutions, and will have the expertise to oversee every aspect of infrastructure migration into cloud environments.
Aligned with Gartner’s recommendations, as part of Datapipe’s security services, we conduct an audit and security best practice consultation to provide an all-encompassing picture of a client’s existing environment, identifying where holes or risks exist and creating a plan of action to ensure the environment is secure moving forward. To read more about Datapipe’s security expertise see: https://www.datapipe.com/security_compliance/.
For further advice on ensuring your environment is secure, see:
- Overcoming Cloud Security Challenges
- Cloud security can be a challenge, but it doesn’t have to be
- Clear understanding needed for effective cloud security
- Visibility, agility key for successful cloud security
- Security, automation go hand in hand
Also, check out our favorite security reporters that keep a constant handle on the changing security landscape:
- Kelly Jackson Higgins, Dark Reading
- Brian Krebs, Krebs on Security
- Rob Lemos, eWEEK
- Fahmida Rashid, InfoWorld
- Jim Finkle, Reuters
Link to the full Gartner report can be found here.