​Why Cloud security is everyone’s business

​Why Cloud security is everyone’s business

Don’t let overhyped security concerns obscure Cloud vision.

As the move toward Cloud gathers momentum, unwarranted fears about security are inhibiting the use of public Cloud services by some organisations.

“Concerns about cloud service provider security have become counterproductive, and are distracting CIOs and CISOs from establishing the organisational, security and governance processes that prevent Cloud security and compliance mistakes,” Gartner research vice president, Jay Heiser, said.

Looking ahead Gartner predicts that, through 2020, 95 per cent of Cloud security failures will be the customer’s fault.

“The naive belief that Cloud providers are entirely responsible for their customers’ security means that many enterprises are failing to address how their employees use external applications,” Heiser said.

Consequently, Heiser believes such an approach leaves them free to share “huge amounts” of often-inappropriate data with other employees, external parties and sometimes the entire internet.

“Virtually all public Cloud use is within services that are highly resistant to attack and, in the majority of circumstances, represent a more secure starting point than traditional in-house implementations,” he explained.

According to Heiser, only a “very small percentage” of the security incidents that have affected enterprises using the cloud have been due to vulnerabilities on the part of the provider.

“The cloud business model provides huge market incentives for Cloud service providers to place a higher priority on security than is typical for end-user organisations,” he added.

“Cloud service providers can afford to hire experienced system and vulnerability managers, and their economies of scale make it practical to provide around-the-clock security monitoring and response.”

Heiser said organisations should not, however, assume that using a Cloud service means that whatever they do within that Cloud will be secure.

“The characteristics of the parts of the Cloud stack under customer control can make it easy for inexperienced users to adopt poor Cloud practices, which can lead to widespread security or compliance failures,” he added.

Ultimately, Heiser believes the responsibility lies with the organisation to exert control over Cloud.

“Secure and regulatory-compliant use of public Clouds requires that enterprises implement and enforce clear policies on usage responsibility and cloud risk acceptance processes,” he added.

“Organisations that don’t take a strategic approach to the secure use of Cloud computing could find themselves in an un-secure, inflexible or uncompetitive situation.”

Follow Us

Join the newsletter!

Error: Please check your email address.

Tags CloudsecurityGartner



Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Show Comments