Confusion over Security Responsibility in Cloud

 
 
By Karen A. Frenkel  |  Posted 11-30-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Confusion over Security Responsibility in Cloud
    Next

    Confusion over Security Responsibility in Cloud

    IT professionals are migrating to the cloud, yet they are unclear about public cloud shared responsibility for security.
  • Previous
    IT Professionals Ignorant of Shared Responsibility in the Cloud
    Next

    IT Professionals Ignorant of Shared Responsibility in the Cloud

    40 percent of respondents believe that their cloud service provider protects their applications and data. 34 percent believe security is their own company's responsibility.
  • Previous
    Despite Confusion, Rapid Migration to Cloud
    Next

    Despite Confusion, Rapid Migration to Cloud

    60 percent of respondents said they already have or will soon move their IT infrastructure to the cloud. 15 percent plan to migrate, but will retain some on-premises capabilities. 25 percent have no plans to move to the cloud.
  • Previous
    Proactive Organizations
    Next

    Proactive Organizations

    Organizations are being proactive when it comes to cloud-based application and data security. 55 percent have encrypted at least half of their internal traffic. 50 percent of large enterprises have unified security policy management across hybrid deployments.
  • Previous
    Advanced Persistent Threats
    Next

    Advanced Persistent Threats

    49 percent of respondents have a security solution that can prevent Advanced Persistent Threats that use application files as breach vectors.
  • Previous
    Identity Applications
    Next

    Identity Applications

    63 percent of respondents said they have some ability to identify apps or services operating in their public cloud.
  • Previous
    Ability to Enforce Policies
    Next

    Ability to Enforce Policies

    66 percent of respondents have some ability to enforce application-level access control policies in their public cloud.
  • Previous
    Control of File Movement
    Next

    Control of File Movement

    67 percent of respondents have some ability to see or control file movement and application flow in the public cloud environment.
  • Previous
    Ability to Block Malware
    Next

    Ability to Block Malware

    67 percent of respondents said they have some ability to block application flow vulnerabilities or malware in their public cloud environment.
  • Previous
    General Approaches to Cloud Security
    Next

    General Approaches to Cloud Security

    Asked what general approach they have adopted for public cloud infrastructure security, respondents reported as follows: Network-based: 28%, Host-based: 17%, Application-based (WAF): 16%, Next Generation Firewall (NGFW): 17%, I don't know: 10%, None of the above: 13%
  • Previous
    How Do You Prevent Data Exfiltration?
    Next

    How Do You Prevent Data Exfiltration?

    To monitor and analyze in- and outbound traffic to prevent data exfiltration, respondents do the following: Monitor and analyze: 51%, No monitoring and analysis, but plan to do so within six months: 15%, No monitoring and analysis, but plan to do so 6 to 12 months from now: 11%, No plans to monitor and analyze: 23%
 

Most IT professionals do not fully understand the public cloud shared responsibility model for securing applications and data and may believe their cloud providers have more responsibility than they in fact do, says a new study. Responsibility for security industry standards and compliance is shared between cloud service providers, customers and partners. The provider may relieve a customer's operational burden by operating, managing and controlling the host operating system components and virtualization layer to the physical securities of the facilities. A managed service partner takes responsibility and management for the guest operating system, including updates and security patches, data protection and application software security, and configuration of the cloud provider's security group firewalls. One thousand enterprise IT professionals participated in the survey, 73 percent of whom are unclear about security responsibilities, prompting 2nd Watch's Jeff Aden, co-founder and EVP of Marketing and Strategic Business Development, to comment that "many could stand to learn more about the shared responsibility model used by the major public cloud providers."

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register