IT managers are finding it difficult to keep their applications and data safe in the cloud, and many are considering the security measures into the cloud adoption because of it.
While not network could be completely secure, the correct attitude and culture will help in maintain it.
That was one of the findings of an Intel Cloud Security Report that surveyed 2,000 IT professionals in different countries and industries last fall.
Let’s clarify it, The issue isn’t with the cloud itself, since trust outnumbers distrust for public clouds by more than two to one, according to Intel’s survey.
IT professionals told Intel that shadow IT and a shortage of cybersecurity skills are causing the most problems.
While, I do believe is true statement the most common failing factors in security risk are the employees at any given time.
The study showed that 49% of IT professionals said they have slowed cloud adoption because of a lack of cybersecurity skills, and 65% say Shadow IT is interfering with keeping the cloud safe and secure.
Shadow IT is a term often used to describe information-technology systems and solutions built and used inside organizations without explicit organizational approval. It is also used, along with the term “Stealth IT”, to describe solutions specified and deployed by departments other than the IT department.
I think people have bought the story that the cloud is a panacea to them, It is not if you don’t planned it, and scale to your needs. They think it must be good because the cloud is the hot thing right now isn’t it?. What had been found in several researches is that real data center folks understand the principles and are enthusiastic about the cloud, when there is control and project management in place, taking security as a main stream on the deployment.
However, it is and still a big problem at the organizations which is largely coming from shadow IT, or employees who skirt around their company’s IT department to set up applications on their own.
For sure this problem goes directly back to shadow IT, just to mention a simple example You’re in a marketing Department and you want a cool application up. Rather than going through IT, because you fear is going to be rejected or it will take longer to get it, you just go out and buy it in the cloud. You’re going around IT. That can cause a lot of problems. Companies need to get this under control ASAP.
Companies are not suggesting, that IT shops should pump the brakes when it comes to jumping on to the cloud, what they are saying and they should think through all of the security implications.
IT is traditionally skeptical about security issues with the cloud, I said. They are right to reserve judgment. However, Not all clouds are the same. Some are more secure than others. IT gets the blame if something goes wrong.
And company executives need to make it clear that shadow IT is harmful to the company and won’t be tolerated, Recently I had a meeting with C3 and their focus on the reality of security and how to confront them.
First they need real IT to say and emphasized company wise , We will help you, and then they need to say there will be penalties for going around them,The penalties need to be significant to have an effect on the Cultural Behavior in the Company.
IT needs to take charge of the cloud, especially since the Intel study showed that 62% of the companies surveyed store sensitive customer information in the public cloud.
Companies might look back and find they’ve gone too far with the cloud and are paying too much for cloud services they have too little control over, I think companies need to understand all the applications they have on premises and on the cloud, and develop some criteria for what can go out on the public cloud and what should never go out to the public cloud.
The report was released at the RSA security conference in San Francisco.
References:
IT Computer World News
Security Advisory
Intel Security Forum Report
RSA Security Conference – San Francisco, USA
Ivan NavaTAGS
is the post content