Full cloud connectivity and operation has long been the dream for many businesses all around the world, securely storing their data and information in a remote location. Not only does this technology simplify the organisation of all data and docs, but can reduce the physical footprint of the business – a great potential money saver.
However it appears that question marks over the security of the technology is still inhibiting widespread adoption, with decision makers from many different industries deeming the cloud too insecure to be 100% robust and reliable. This is despite the technology entering into maturation, and being present throughout many industries.
In a report released earlier this year, drawing input from 270 security, software and networking specialists, there were 12 main areas of concern regarding the security of cloud technology:
• Data breaches
• Weak identity, credential and access management
• Insecure APIs
• System and application vulnerabilities
• Account hijacking
• Malicious insiders
• Advanced Persistent Threats (APTs)
• Data loss
• Abuse and nefarious use of cloud services
• Denial of Service
• Shared technology issues
The Cloud Security Alliance has moved to allay these fears, suggesting that any security breaches are more likely the fault of a poorly executed moved onto the cloud, rather than the platform itself. In a press release, CSA executive vice president of research, J.R. explained:
“The 2016 Top Threats release mirrors the shifting ramifications of poor cloud computing decisions up through the managerial ranks. Instead of being an IT issue, cloud security is now a boardroom issue. The reasons may lie with the maturation of cloud, but more importantly, higher strategic decisions are being made by executives when it comes to cloud adoption.”
And all the major cloud service providers have recognised this hurdle when convincing potential customers to convert to the technology – implementing one of two processes to providing high levels of security: reactive and proactive.
The reactive approach incorporates the implementation of a 24/7 management and customer services team to respond immediately to any threats or potential data breaches, whilst the proactive approach involves the installation of appropriately robust security measures from the off.
When implementing new applications or web-based software from scratch, there is a large number of benefits to being ‘born in the cloud’, not least the efficient practices it affords. However it is important that this process is managed by an experienced team who help you receive all the benefits whilst remaining secure.