Despite ever-rising cloud adoption rates, some companies have been reluctant to aggressively move applications to the cloud. Security – or the fear of security breaches – is largely to blame.
CIOs, cloud security is within reach, and here are three reasons why.
CIOs are realizing that cloud security is a shared responsibility between them and their cloud providers. In addition to demanding security from their providers, they have learned:
- Managing user access in the cloud is different than for on-premise systems.
- Monitoring and alerting are critical components of cloud security.
- Ensuring key players in their organization are up-to-date on security assistance tools is the CIO’s responsibility.
The data security issues experienced at the National Security Agency with the Edward Snowden leaks were initially seen as a blow to cloud security and derailment to any forward progress. The exact opposite has occurred with major providers adding new features to enhance security.
End-to-end encryption is the foundational component of these improvements. Providers are not settling for only encrypting stored data – Microsoft, AWS and Yahoo are rolling out advancements such as increased key bit lengths, as well as encrypted data in transit between client sites and data centers and even among providers’ own data centers. Not to be outdone, Google now provides server-side encryption – meaning the data is encrypted even before it is written to disk.
Feds demand cloud security
The federal government continues to invest in the cloud. When the CIA says the cloud is secure for their data, awarding a $600 million cloud award to AWS, how can a CIO say he has concerns putting his company’s widget orders in the cloud? Between healthcare and national security, the government identified two high-profile platforms in its demand that the cloud provider market continue to lock down security.
Plus, the increased adoption of cloud solutions such as Salesforce.com, SAP’s SuccessFactors and Hybris is putting mainstream focus on the cloud security issue. Whenever companies as sizable and influential as Microsoft, AWS, Google and IBM partner with the government to research all potential security threats, clarity is sure to follow.