KEY POINTS
- Gartner estimates that by 2025, 90% of organizations that fail to control public cloud use will inadvertently share sensitive data to the public.
- In 2020, 86% of industry professionals surveyed by Statista stated that their enterprise had experienced challenges with managing data in multi-cloud environments.
- The 2016 Vormetric Data Threat Report (DTR), which receives input from over 1,000 senior IT security executives from around the world, revealed that 85% of enterprises kept sensitive data in the cloud.
This Ask the Experts session stems from a question originally posted on Quora titled “What is cloud information security?”
Cloud information security is essentially the protection of data which resides in the cloud, versus a traditional on premise computing environment. Similarly to the traditional information security approach used in an on premise environment, cloud information security relies on policies, technologies, controls, and procedures to protect data in the cloud. Where cloud information security and traditional information security differ however is the frequency in which information security best practices and processes need to be implemented and or re-evaluated. This is due to the fact that an organizations cloud environment is always changing.
Cloud information security is essentially the protection of data which resides in the cloud, versus a traditional on-premise computing environment. Similarly, to the traditional information security approach used in an on-premise environment, cloud information security relies on policies, technologies, controls, and procedures to protect data in the cloud. Where cloud information security and traditional information security differ however is the frequency in which information security best practices and processes need to be implemented and or re-evaluated. This is due to the fact that an organization’s cloud environment is always changing.
The major benefit of the cloud, and what attracts many customers to ultimately migrate some if not all of their services to the cloud, is that it allows an organization the ability to rapidly provision IT infrastructure, and other related services, in seconds; compared to an on-premise environment which can often take weeks, months, or years to deploy similar services and or infrastructure. The time disparity between the cloud and an on-premise environment is often due to supply chain constraints, insufficient manpower required to standup said services and infrastructure, or long procurement cycles.
While there are many benefits to the cloud, the fast paced nature of cloud deployments mean that configuration errors, and other security related issues, are more likely to occur in a cloud environment, when compared to an on-premise deployment, if the customer/system owner does not do their due diligence to document changes, review and or update policies, and remediate known security vulnerabilities.
With great scalability comes great responsibility.
Have any questions regarding to cloud information security? Contact us and we will be glad continue the dialog! Do not forget to click here to subscribe to our weekly newsletter for more information security related tips and tricks.
Additional Resources