08 Feb'18

Organisations shouldn’t rely on Cloud Service Providers for protecting their data; but they do


According to Javvas Malik, Security Consultant Researcher and Author, many organisations’’ have not kept pace with the security capabilities of cloud computing services.


Talking to Computer Weekly, Malik stated that cloud services ‘introduces different type of risks that need to be understood and effectively managed by enterprises.’


A survey conducted by Alien Vault using 918 attendees at the InfoSecurity Europe 2017 exhibition found that 28 % believed that expertise in cloud security was ‘novice’/’not very competent’.


Malik stated that while they may purchase cloud services from providers such as Google, Amazon and Microsoft, it is the organisations’ responsibility to protect their data.


Adding to this, Malik stated that ‘Many small to mid-sized enterprises venturing in the cloud will sign up for services and believe they are secure simply because they are using a large secure provider’.


Logic Monitor, a SaaS Performance Monitoring Platform Provider, published a report called ‘Cloud Vision 2020: The Future of the Cloud’. From surveying 88 US industry influencers and 195 AWS attendees, they found that the top three challenges for organisations engaged with the public clouds are: security (66%), governance (60%) and staff lack of experience (58%).


With 88% of respondents believing that 95% of workload running on the cloud between 1 and 15 years, the security concern and issue needs to be addressed.


In a BBC feature on whether we can trust cloud providers to keep our data safe, Gavan Egan, Verison’s Managing Director of Cloud and IT Solutions, stated ‘The biggest risk described is the fact that companies are giving up control to someone else using different data centre in remote places.’
Storage Craft published a list of 7 Cloud Security Breaches which demonstrates that although cloud service providers put security risks in place, they are not indestructible and organisations also need to become more knowledgeable about such risks.