As the use of cloud computing continues to grow, so do many CIOs concerns about the cloud.
Gartner predicts that by 2016 cloud computing growth will increase to become the bulk of new IT spend. Amid this cloud conversation, one of the top concerns about moving to the cloud is security, and since a company’s life is dependent on the security of their information, it makes sense that this would be of the highest priority whether their data is in the cloud or on-premises.
But, in the land of data, just because you can see the servers doesn’t necessarily mean your data is safe.
Turns out, it’s actually the opposite:
A recent study by Alert Logic on cloud security compared data security from both on-premises and cloud hosting provider’s infrastructure during the second half of 2013. In particular, the study defined on-premises as customers who own and manage their own IT infrastructure and cloud hosting providers included solutions spanning from IaaS to fully managed and dedicated hosting environments.
Based on research from their first Cloud Security Report published in early 2012, they believe the fears of the cloud being insecure can be put to rest and that the true security of an environment is tied directly to the types of workload deployed and the diversity of the environment’s infrastructure. While there has been an increase in both on-premises and cloud attacks, on-premises is still more likely to be attacked than cloud environments.
The study reveals that as threats increase in diversity the sophistication of both on-premises and cloud security becomes even more important. There is not just one solution to address security moving forward, instead a four-pillar solution is recommended for both on-premises and cloud environments that addresses network, compute, application and application stack.
If threats are increasing, how are cloud users reacting?
In 2013, the Ponemon Institute conducted a survey of 748 IT and IT security practitioners for their 2013 Security of Cloud Computing users study to determine how cloud security has progressed over the past two years.
Their findings are summarized in the infographic below:
Their findings support the continued growth of cloud computing, in particular they saw a 35% increase in the number of IT leaders that reported using IaaS and 51% of IT leaders expect IaaS to play an important role in meeting IT needs within the next two years. They saw even more growth in SaaS, but what is scary about their findings is how “hands-off” IT leaders are when it comes to making sure that their SaaS applications or IaaS resources are secure prior to deployment. While it appears to be more common to evaluate security for IaaS investments, it is still alarmingly low for the invaluable data stored in the cloud.
What does this mean for your business?
Both of these studies show that it is becoming even more important that your data is secure and that you do your due diligence before choosing a hosting provider or deciding to remain on-premises.
When it comes to staying on-premises, companies need to consider the fact that on-premises attacks are on the rise. They need to determine if their team will be able to keep up with the diversity of the attacks on their system or if a cloud hosting company, whose core competency is security and has a team fully dedicated to updating, upgrading, patching, purchasing, and troubleshooting, is a better route for storing their critical data.
In addition, when choosing a cloud provider, companies need to carefully evaluate the security for all aspects and understand how the different cloud types can affect your security.