Fix your cloud security | InfoWorld

I found some interesting statistics in this RedLock article that illustrate the severity of the cloud security problem:

  • Only 7 percent of businesses have good visibility of all critical data, and 58 percent say they only have slight visibility. (ForcePoint)
  • Vulnerabilities: 24 percent of organizations have hosts missing high-severity patches in the public cloud. (RedLock)
  • More than three-fourths of security breaches (80%) involve privileged credentials. (Forrester)
  • Almost half (49 percent) of databases are not encrypted. (RedLock)

It’s pretty depressing, considering that we have technology to solve each of these problems. What’s happening?

Enterprises are either not willing to use the right technology, or they don’t understand that the technology exists. It’s not that the database is unencrypted, it’s that nobody has any idea how to turn on encryption in flight or at rest.

Also at fault are the “it was not on-premises” folks out there. They cling to the fact that since some security feature was not a part of the original on-premises system, it shouldn’t be needed in the cloud.

The time to deal with security issues is when you move from on-premises to the public cloud. You need to spend at least a couple of weeks looking at identity access management, encryption, auditing, proactive security, and more, and then evaluating its viability to your enterprise. Otherwise, you could miss the cloud security boat as you make the migration. 

In my opinion, this is the single most important step in migration. It allows you to reflect on what your security needs really are and how to solve them using cloud computing technology which, these days, is better than anything you can find on-premises. 

READ  AWS is getting serious about hybrid cloud with Outposts, so who is it for? | Cloud Computing



Please enter your comment!
Please enter your name here