March 4, 2016 by Canadian Underwriter
Surveyed enterprises in the United States suggest that security of the cloud infrastructure figures prominently as both a benefit and a challenge, suggests a new poll conducted by B2B research firm Clutch.
Medium and large enterprises appear to have mixed feelings about cloud infrastructure security, with 22% of respondent enterprises ranking security as the number one cloud computing benefit while 31% also identified security as the most prevalent challenge, notes a statement from Washington, DC-based Clutch.
The company’s Enterprise Cloud Computing Survey 2016, information regarding which was released Thursday, included input from IT professionals at 300 U.S. enterprises with more than 100 employees. It also measured the budgets enterprises allocate for cloud security and the standards and compliance they consider most important.
While security was regarded as the primary benefit that cloud infrastructure provides enterprises (cited by 22% of respondents), this was followed by increased efficiency (15%) and access to space for data storage (12%). [click on image below to enlarge]
In all, Clutch notes that 64% of polled enterprises say cloud infrastructure is more secure compared to older legacy systems. However, more than half of these companies, 38%, indicate that cloud infrastructure is “somewhat more secure” than legacy systems, as opposed to “much more secure,” the survey results show.
Clutch reports the view that cloud infrastructure is more secure relates to cloud infrastructure’s monitoring systems, multi-layered security safeguards and central management.
Still, enterprises remain wary of security challenges when using cloud infrastructure and often bring on additional protections to safeguard against security breaches, data loss or service traffic hijacking, the company adds. [click on image below to enlarge]
Why is cloud infrastructure security seen as both a benefit and a challenge? Author and speaker David Linthicum attributes this to “cloud paranoia.” “I think responses to this question show that enterprises realized they needed a different, more advanced approach to security,” Linthicum says. “If companies are going to put data and files in the public cloud, security needs to be systemic to everything they do,” he adds.
Three-quarters of surveyed enterprises report that they adopt additional security measures beyond what a cloud computing service provider offers, “suggesting cloud infrastructure is not secure enough on its own, out-of-the-box,” notes the Clutch results.
Asked about the top additional security measures implemented, respondents cited data encryption (61%), identity access policies (52%), regular audits (48%), incident process for handling security issues (46%), third-party software and security management (42%), on-site inspections and tests (39%) and documented business processes (36%).
“Implementing additional cloud infrastructure security is costly, with more than half of enterprises (57%) spending between $10,000 and $500,000,” survey results show. [click on image below to enlarge]
“If a company selects a specific cloud platform or vendor, they will need to implement the security measures that the vendor does not provide,” Jason Reichl, CEO of Go Nimbly, suggests in statement from Clutch. “If no measures exist to tie a company to the cloud platform or hold the apps together, additional security is necessary so that there’s a common identity across all the apps and business processes,” Reichl advises.
The survey results indicate industry leaders identified other security measures that enterprises should prioritize, namely the following:
Clutch reported in February that 90% of polled enterprises in the U.S. planned to increase or maintain annual spend on cloud computing in 2016. Noting that the situation signals a growth opportunity for providers, they were advised to target opportunity in enterprise market.