sb-au logo
Story image

Hybrid cloud security big concern for business leaders

Modern hybrid cloud and multi-cloud environments offer numerous benefits to businesses, however many are also encountering significant challenges and risks especially when it comes to security, according to a new study from the Cloud Security Alliance (CSA) commissioned by AlgoSec.

Surveying 700 IT and security professionals, the study identified four key areas of concern when it comes to hybrid cloud and multi-cloud offerings, including public cloud, private cloud and the use of more than one public cloud platform. These areas of concern and risk around adoption and security were configuration and visibility problems, human error and outages, cloud compliance and legalities, and general security concerns.

According to the study, 81% of cloud users said they had concerns around security when it came to data losses and leakages (cited by 62%), regulatory compliance (57%), and integration with the rest of the organisations’ IT environment (49%).

When it came to outages, 11.4% of those surveyed reported a cloud security incident in the past year and 42.5% a network or application outage, with respondents noting that human error and configuration mistakes are the biggest cause. With management of devices, device configuration changes and device faults, operational and human errors were the two leading causes at 20%, 15% and 12% respectively.

In order to gauge how easy or difficult IT and security professionals found managing the security of their public cloud, the survey respondents were asked to rank different aspects from biggest to smallest challenge. Respondents put proactively detecting misconfigurations and security risks as the biggest challenge (3.35), a lack of visibility into the entire cloud estate as second (3.21), audit preparation and compliance third (3.16), holistic management of cloud and on-prem environments fourth (3.1), and managing multiple clouds (3.09) as the fifth and least significant challenge.

Cloud Security Alliance global vice president of research John Yeoh says in order to mitigate these risks, businesses need to take a proactive and holistic approach when it comes to their cloud security.

He says, “As companies of all sizes are taking advantage of the value of the cloud with its improved agility and flexibility, they are also facing unique new security concerns, especially when integrating multiple cloud services and platforms into an already complex IT environment.”

“The study findings demonstrate how important it is for enterprises to have holistic cloud visibility and management across their increasingly complex hybrid network environments in order to maintain security, reduce the risk of outages and misconfigurations, and fulfil audit and compliance demands,” Yeoh says.

AlgoSec CMO Jeffrey Starr says in a hybrid cloud landscape visibility and security management become 'mission critical'.

He says, “There is no one-size-fits-all cloud deployment model: organisations are choosing to adopt and use cloud resources in the way that suits their business needs. But this cloud flexibility also creates many security challenges for today's enterprise. Irrespective of how they choose to use cloud resources, end-to-end visibility across the networks is critical to meet security and compliance obligations. Robust network security management and automation become increasingly mission critical."

"We see organizations moving to automate security management across native cloud, multi-cloud, and hybrid network estates, driving agility while ensuring continuous security for next-generation enterprise environments,” he says.

The CSA is a non-profit organisation that promotes security in the cloud. AlgoSec is a provider of business-driven network and cloud security management solutions.

Story image
Swann home security kit recognised for innovation
The new 4K NVR Enforcer Kit was named a 2021 CES Innovation Award Honouree.More
Story image
Huawei: Corporates must focus on data minimisation and business continuity to mitigate data security challenges
"From a long-term sustainable point of view, organisations will need to adopt data minimisation and privacy by design and default."More
Story image
Top security threats for 2021
2021 will see several themes develop into full blown security threats, many of them borne from the struggles of pandemic-stricken 2020, writes Wontok head of technology Mick Esber.More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
Online gaming a 'hotbed' for DDoS attacks — report
The latency and availability issues present in online gaming, in particular, presented an attractive target to attackers, in addition to the enduring popularity of gaming in the era of COVID-19.More
Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More