Cloud Workloads at Risk from Security, Management & Compliance Failures

Cloud Workloads at Risk from Security, Management & Compliance Failures

New research from WinMagic has revealed that security, management and compliance challenges are affecting the benefits businesses get from using the cloud within their infrastructures.

The firm polled 1029 IT decision makers in the UK, Germany and US and discovered that whilst 98% of respondents use the cloud, 33% admitted that data residing there is only partially encrypted. What’s more, 39% said they do not have unbroken audit trails across virtual machines in the cloud, something that can leave them exposed to risks. Unsurprising then that 58% said security was their top concern on future workloads in the cloud, whilst protecting sensitive data from unauthorized access (55%) came in second.

WinMagic’s research also revealed confusion as to compliance of data stored in the cloud. A worryingly low 39% felt they were ultimately responsible for this, with 20% believing responsibility rests solely with the cloud service provider and the same percentage thinking they were covered by their cloud service provider’s SLA. This confusion is particularly concerning given the fact that GDPR will come into force in little over five months.

“The stakes for companies were already high, with data breaches increasing in frequency and scale,” said Mark Hickman, chief operating officer at WinMagic. “EU GDPR reinforces the care that must be taken with data. The simple fact is that businesses must get the controls in place to manage their data, including taking the strategic decision that anything they would not want to see in the public domain, must be encrypted.”

Finally, cloud adoption is taking its toll on the majority of IT enterprise teams, with over half spending more time on management tasks than ever before and needing to use more management tools to get jobs done.

“At its heart, using heterogeneous cloud environments is making it harder for businesses to manage security and compliance, leaving staff firefighting rather than focusing on new projects that will benefit their businesses,” Hickman added.

Source: Information Security Magazine