Addressing Cloud Security Concerns in the Enterprise
Published 05/18/2016
By David Lucky, Director of Product Management, Datapipe
Businesses want to move to the cloud, they really do. And more than ever, they’re starting to make the switch: A Cloud Security Alliance (CSA) study that polled more than 200 IT professionals found that 71.2 percent of companies now have a formal process for users to request new cloud services.
That CSA study also found that nearly two-thirds of IT professionals trust the security of cloud computing equally or even more than their on-premise systems. About a third of respondents cited better security capabilities to be a benefit of the cloud. However, almost 68 percent of respondents noted the ability to enforce their corporate security policies remains a barrier to cloud adoption.
Companies know there’s top-notch security in the cloud, yet security remains the biggest hurdle in getting over to the cloud. Kind of a catch-22, huh? Fortunately, there are a few things you can do to help assuage these fears.
Cloud security is something everyone in a company should be concerned with, not just the IT department or decision-makers. And while the tools we use are improving and more people are starting to better understand cloud computing, people still play a big part in security. Your team of security professionals should get the correct training early on in their tenure, and constant training will allow them keep their skills sharp.
Outside of security professionals, all employees within a company should know their role in maintaining a secure environment. Having a proactive approach to security risks is the first step, which is something that 82.2 percent of companies have. However, fewer than half of the companies that responded have a complete incident response plan. With real concerns like loss of reputation or trust, financial loss, and destruction of data, it’s imperative to have a plan in place to combat any potential security issues head-on, rather than reacting after the fact.
To help with the development of that plan, some businesses have turned to a managed service provider (MSP). Naturally, there are concerns surrounding that, as well–the CSA report notes 87.3 percent of companies cite access control as an important asset of cloud security. Our Datapipe Access Control Model for AWS (DACMA) addresses this concern by letting a business stay in control by securely delegating access to Datapipe while retaining control of their credentials. DACMA’s role-based access and accountability elements also ensure the right people within an enterprise are accessing certain data. And with 24/7/365 security monitoring, you’ll be on top of the ball should an issue arise.
Whether or not you choose to partner with an MSP to assist with security, there are plenty of reasons to develop a cloud security strategy that works within your enterprise. There’s no one right method, but there is a wrong approach: not doing anything about it. To learn more about first steps you can take, visit our Managed Security page.