//
you're reading...
Information Security, IT & TECHNOLOGY

Addressing Cloud Security Concerns in the Enterprise


CSA-Logo

cloudsecurityBusinesses want to move to the cloud, they really do. And more than ever, they’re starting to make the switch: A Cloud Security Alliance (CSA) study that polled more than 200 IT professionals found that 71.2 percent of companies now have a formal process for users to request new cloud services.

That CSA study also found that nearly two-thirds of IT professionals trust the security of cloud computing equally or even more than their on-premise systems. About a third of respondents cited better security capabilities to be a benefit of the cloud. However, almost 68 percent of respondents noted the ability to enforce their corporate security policies remains a barrier to cloud adoption.

Companies know there’s top-notch security in the cloud, yet security remains the biggest hurdle in getting over to the cloud. Kind of a catch-22, huh? Fortunately, there are a few things you can do to help assuage these fears.

Cloud security is something everyone in a company should be concerned with, not just the IT department or decision-makers. And while the tools we use are improving and more people are starting to better understand cloud computing, people still play a big part in security. Your team of security professionals should get the correct training early on in their tenure, and constant training will allow them keep their skills sharp.

Outside of security professionals, all employees within a company should know their role in maintaining a secure environment. Having a proactive approach to security risks is the first step, which is something that 82.2 percent of companies have. However, fewer than half of the companies that responded have a complete incident response plan. With real concerns like loss of reputation or trust, financial loss, and destruction of data, it’s imperative to have a plan in place to combat any potential security issues head-on, rather than reacting after the fact.

To help with the development of that plan, some businesses have turned to a managed service provider (MSP). Naturally, there are concerns surrounding that, as well­–the CSA report notes 87.3 percent of companies cite access control as an important asset of cloud security. Our Datapipe Access Control Model for AWS (DACMA) addresses this concern by letting a business stay in control by securely delegating access to Datapipe while retaining control of their credentials. DACMA’s role-based access and accountability elements also ensure the right people within an enterprise are accessing certain data. And with 24/7/365 security monitoring, you’ll be on top of the ball should an issue arise.

Whether or not you choose to partner with an MSP to assist with security, there are plenty of reasons to develop a cloud security strategy that works within your enterprise. There’s no one right method, but there is a wrong approach: not doing anything about it. To learn more about first steps you can take, visit our Managed Security page.

David Lucky, Director of Product Management, Datapipe

[Cloud Security Alliance Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 119,380 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,247 other followers

Twitter Updates

Archives

May 2016
M T W T F S S
« Apr   Jun »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
%d bloggers like this: