Security challenges in Native, Hybrid and Multi-Cloud

Cloud adoption has been rapidly increasing over several years now. As the worldwide public cloud market continues to grow, hackers are targeting organizations’ cloud environments. The security and visibility in cloud platforms are becoming a big business challenge, and it is crucial that customers are properly trained to protect the technology. Recent CSA and Algosec have announced results of a new study "Challenges in Managing Security in Native, Hybrid and Multi-Cloud Environments".

The Key findings of the study include:

Cloud creates configuration and visibility problems: When asked to rank on a scale of 1 to 4 the aspects of managing security in public clouds they found challenging, respondents cited proactively detecting misconfigurations and security risks as the biggest challenge (3.35), closely followed by a lack of visibility into the entire cloud estate (3.21). Audit preparation and compliance (3.16), holistic management of cloud and on-prem environments (3.1), and managing multiple clouds (3.09) rounded out the top five.

Human error and configuration mistake the biggest causes of outages: 11.4% of respondents reported a cloud security incident in the past year, and 42.5% had a network or application outage. The two leading causes were operational/human errors in the management of devices (20%), device configuration changes (15%) and device faults (12%).

Cloud compliance and legal concerns: Compliance and legal challenges were identified as major concerns when moving into the cloud (57% regulatory compliance; 44% legal concerns).

Security is the major concern in cloud projects: 81% of cloud users said they encountered significant security concerns. Concerns over risks of data losses and leakage were also high with users when deploying in the cloud (cited by 62%), closely followed by regulatory compliance concerns (57%), and integration with the rest of the organizations’ IT environment (49%).

"This survey makes clear that there is no one-size-fits-all cloud deployment model: organizations are choosing to adopt and use cloud resources in a way that suits their business needs. But this cloud flexibility also creates many security challenges for today's enterprise. Irrespective of how they choose to use cloud resources, end-to-end visibility across the networks is critical to meet security and compliance obligations,” said Jeffrey Starr, CMO of AlgoSec. John Yeoh, Global Vice President of Research, Cloud Security Alliance said: “The study findings demonstrate how important it is for enterprises to have holistic cloud visibility and management across their increasingly complex hybrid network environments in order to maintain security, reduce the risk of outages and misconfigurations, and fulfill audit and compliance demands.”