 |
| [Cloud Security] |
The biggest threat to cloud security among IT is the company’s employees unintentionally exposing data, according to the latest research figures from CloudEntr.
The study, which took 438 survey responses from industries including financial and manufacturing, found three quarters (75%) of smaller businesses are most worried about their workforce when it comes to securing data in the cloud. Larger IT firms were more concerned about hackers using employee credentials to get their hands on data.
Not surprisingly, regulated institutions were more concerned about cloud compliance than non-regulated, but 75% also said their biggest tool in becoming more secure was employee education.
It’s not just employee education, but shadow IT which continues to be a problem. 29% of those polled said they had no plans to use the cloud in their organisations, but of that number, nearly half of IT pros said they knew of employees who were using it. The vast majority (89%) of IT pros questioned said they were concerned with cloud security, and security (63%) was more important than convenience in a cloud solution.
There have been various vulnerabilities and outages in recent days,from Docker’s vulnerability recorded earlier this week, to Microsoft Azure’s downtime from a bug which slipped the testing process. Dejan Lukan, writing for CloudTech earlier this week, noted data breaches and data loss as some of the most serious threats to organisations, as well as a lack of understanding.
“Enterprises are adopting cloud services in everyday operations, but it’s often the case they don’t really understand what they are getting into,” he wrote. “When moving to the cloud there are different aspects we need to address. If the [cloud service provider] doesn’t provide additional backup of the data, but the customer expects it, who will be responsible when the hard drive fails? The customer will blame the CSP, but in reality it’s the customer’s fault, since they didn’t familiarise themselves enough with the cloud service operations.”
“Enterprises are adopting cloud services in everyday operations, but it’s often the case they don’t really understand what they are getting into,” he wrote. “When moving to the cloud there are different aspects we need to address. If the [cloud service provider] doesn’t provide additional backup of the data, but the customer expects it, who will be responsible when the hard drive fails? The customer will blame the CSP, but in reality it’s the customer’s fault, since they didn’t familiarise themselves enough with the cloud service operations.”