sb-au logo
Story image

Cloud misconceptions aplenty in 2018 – Here’s a rundown

23 Mar 2018

Given cloud’s meteoric rise into mainstream it’s no surprise that there are a few misunderstandings surrounding its ins and outs.

Barracuda Networks public cloud EMEA director Chris Hill says these days most organisations regardless of size use it to a certain extent. Despite this, misconceptions remain about the technology – particularly on security.

To garner some deeper insights into the situation, Barracuda conducted global research in February 2018. As part of this, 164 respondents in EMEA were asked about their experiences and attitudes when it comes to security in the cloud. Some of the main findings included:

People still believe on-premises security is better than cloud

57 percent of respondents stated their on-premises security as superior to cloud.

“However, using security tools specifically designed for the public cloud can actually make a business more secure than they were when they operated purely on-premises,” says Hill.

“What was promising was that the shared security model was largely well known by respondents, with 71 percent expecting cloud security to be a responsibility that’s shared with cloud vendors. Just 19 percent think cloud vendors are solely responsible.”

The cloud is redefining the role of the firewall

The vast majority (82 percent) have concerns about deploying firewalls in the cloud, with 41 percent citing ‘pricing and licensing not appropriate for the cloud’, and 39 percent naming ‘no centralised management creating a significant overhead’ as their top two concerns.

“Other concerns included next generation firewalls simply not being practical for cloud environments and the lack of integration with native security tolls from cloud vendors,” says Hill.

“Interestingly, organisations seem to find value in cloud-specific security features, with 95 percent saying cloud-specific firewall capabilities would help them. 71 percent cite the most beneficial quality as ‘integration with cloud management, monitoring, and automation capabilities,’ and 59 percent cite being ‘easy to deploy and configure by cloud developers’ as the second most beneficial capability.”

Traditional security remains a bottleneck for DevOps

58 percent have adopted DevOps, DevSecOps, continuous integration and continuous deployment (CI/CD) methodologies. In terms of regions, EMEA was slightly in front of the US on 53 percent and behind APAC with 63 percent.

“Of the organisations that have adopted, 95 percent have faced challenges integrating security into those practices,” says Hill.

“The top challenge reported was ‘limitations with existing security solutions’. Security processes not being changed was also voted as a high scorer.”

Moving forward

Hill says the technology has evolved and now it’s our turn.

“We’re continuing to see questions and concerns around how organisations should be approaching security along with their cloud deployments, especially from larger companies. There still seems to be a lack of understanding in cloud security, and a misplaced belief that on-premises security is a lot stronger,” says Hill.

“One thing is for sure: as the move to cloud only increases in pace, for organisations that are used to operating under traditional data centre architecture, moving to the cloud will require a new way of thinking when they approach security.”

Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More
Story image
Why it’s essential to re-write IT security for the cloud era
Key components of network security architecture for the cloud era should be built from the ground up, as opposed to being bolted on to legacy solutions built for organisations functioning only on-premises or from only managed devices.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
Report: Rushing into cloud migration directly related to security issues
A new report from Radware highlights the impact of COVID-19 on organisations compelled to digitally transform in order to maintain business continuity. More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More