Nearly two-thirds (65 percent) of IT professionals report that security concerns and lack of visibility are hindering their cloud adoption, according to a Netwrix survey of 611 IT professionals.
In fact, as many as 69 percent said they are concerned of the risks of unauthorized access in the cloud, while 43 percent worry about account hijacking.
Companies migrating to the cloud plan to enforce internal security policies: 56 percent plan to improve identity and authentication management, 51 percent will utilize encryption, and around 45 percent of medium-size and large enterprises plan to establish auditing of changes and user activity.
“The main blind spots businesses have when adopting cloud tech are the people. Businesses need to consider that cloud technology is used by people, and people are very hard to control,” Michael Fimin, CEO of Netwrix, told eWEEK. “Other blind spots include unknown vulnerabilities in the commonly used security protocols, like OpenSSL and the famous Heartbleed bug, which was revealed after several years it was known by hackers. Cloud technology must stay ahead of adversaries, or at least fix vulnerabilities with regular, timely updates.”
Overall, 13 percent of organizations reject adoption of cloud technology in the near future; however, 30 percent of them are ready to reconsider their decision as soon as cloud security mechanisms are improved.
“Cloud is not a new technology, but the problem of security has not been solved,” Fimin said. “This issue still bothers the majority of companies, and results in the fact that 13 percent don’t consider cloud adoption at all. This is a question of trust, but there should be certain steps to gain the trust. Unfortunately, we don’t see anything in this direction.”
A hybrid cloud deployment model is preferred by 44 percent of respondents as they transition from on-premises infrastructure to a cloud-based model. Private clouds attract 37 percent of organizations prepared to invest in additional security.
Overall, 71 percent of enterprises perceive continuous auditing of cloud infrastructure as a very important part of security guarantees to ensure data integrity in the cloud.
“The need for security and lack of physical control will drive people to fill these gaps,” Fimin said. “Visibility into any changes made to the data stored externally will help to cope with these fears and enable organizations to trust more to the cloud provider.”