Increased Cloud Adoption Is Driving Data Security: Gartner

by CXOtoday News Desk    Sep 07, 2017

Cloud Security

Rapid growth in cloud adoption is driving increased interest in securing data, applications, and workloads that now exist in a cloud computing environment states a study by Gartner.

“Security continues to be the most commonly cited reason for avoiding the use of public cloud,” said Jay Heiser, research vice president at Gartner. “Yet paradoxically, the organizations already using the public cloud consider security to be one of the primary benefits.”

The attack resistance of the majority of cloud service providers has not proven to be a major weakness so far, but customers of these services may not know how to use them securely. 

Disaster recovery as a service (DRaaS) is in the early stages of maturity, with around 20-50 percent market penetration. Early adopters are typically smaller organizations with fewer than 100 employees, which lacked a recovery data center, experienced IT staff and specialized skills needed to manage a DR program on their own, said the study. It further said that private cloud computing is used when organizations want to the benefits of public cloud — such as IT agility to drive business value and growth — but aren’t able to find cloud services that meet their needs in terms of regulatory requirements, functionality or intellectual property protection. The use of third-party specialists for building private clouds is growing rapidly because the cost and complexity of building a true private cloud can be high. 

Data loss protection (DLP) is perceived as an effective way to prevent accidental disclosure of regulated information and intellectual property. In practice, it has proved more useful in helping identify undocumented or broken business processes that lead to accidental data disclosures, and providing education on policies and procedures.

Organizations with realistic expectations find this technology significantly reduces unintentional leakage of sensitive data. It is relatively easy, however, for a determined insider or motivated outsider to circumvent, noted the study. Infrastructure as a service (IaaS) container encryption is a way for organizations to protect their data held with cloud providers. It’s a similar approach to encrypting a hard drive on a laptop, but it is applied to the data from an entire process or application held in the cloud, it said.

“Understanding the relative maturity and effectiveness of new cloud security technologies and services will help security professionals reorient their role toward business enablement,” said Heiser. “This means helping an organization’s IT users to procure, access and manage cloud services for their own needs in a secure and efficient way.”