Risks of Cloud Computing Still Emerging, Warns Spohn Security
AUSTIN, Texas, Oct. 16, 2017 /PRNewswire-iReach/ -- Although the full impact on data security in the Cloud is yet to be determined, the market for cloud services continues to grow exponentially. The worldwide cloud computing market is expected to grow to $191 billion by 2020, up from $91 billion in 2015.(1) The numerous advantages of cloud computing are driving a large move to the Cloud, but there is a downside.
"With cloud computing becoming so prevalent, security becomes a vital issue to address. If a company is not aware of all the ways in which their data is being exposed, security breaches can be devastating," says Timothy Crosby, senior security consultant for Spohn Security Solutions. Spohn has a long history of proactive security assessment reaching back well before cloud-based technologies even came on the scene.
Data security in the Cloud is a vital concern which is holding back cloud adoption for some IT departments, and driving cloud access security broker (CASB) adoption. CASBs are on-site or cloud-hosted software programs that sit between cloud service consumers and cloud service providers, whose function is to enforce security, compliance and governance policies for cloud applications. According to a Forrester report, by 2020, 85% of large enterprises will use a cloud access security broker solution for their cloud services, which is up from fewer than 5% in 2015.(2) More companies are recognizing their exposure to cyber threats now than they did before cloud access became so popular.
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.(3)
A recent Ponemon Institute survey of 400 IT specialists and IT security leaders uncovered how companies are managing risks with user-led cloud adoption. The Ponemon study identified nine cloud risks. Following high-profile breaches of cloud platforms Evernote, Adobe Creative Cloud, Slack, Equifax and LastPass, it's no wonder IT departments are reluctant to jump on the cloud bandwagon.
With LastPass, even admin passwords were exposed, thus possibly enabling cyber criminals to launch devastating cyber attacks. The scale of that breach was extensive. Ninety-one percent of companies have at least one LastPass user, and the IT departments at these companies may not even be aware that they have employees using LastPass.(4)
Another 2015 study identified the top five concerns of cloud computing users. The top two listed were:
- Unauthorized access to or leak of customer information; and
- Security defects in the technology itself.(5)
In addition, many employees are bringing their own cloud-based systems to the workplace or working remotely with cloud-based data. This BYOC environment opens up companies to even more security risks, the full impact of which is unknown at this time.
"When companies use cloud services to increase efficiency, they must also increase their diligence and security measures," Timothy Crosby advises. Crosby suggests that since many companies are at greater risk of cyber threats due to the use of cloud-based services, it is important for them to take all possible measures to protect themselves. He says, "If companies act early and take offensive action before threats invade their systems, millions and even billions of dollars in valuable information and assets can be saved. It's vital that top management and entire organizations recognize that it's their responsibility—not just the IT guys'—to update their computer risk assessment and protect their companies from possible security or fraud infringement."
About Spohn Consulting:
Spohn Consulting, Inc., an Austin, Texas-based, privately-held company established in 1998 by Darren L. Spohn, is an authority in navigating Fortune 500 companies and medium to small businesses through the security business challenges of the 21st century. Spohn Consulting works with organizations to assess their information security posture (the security status of an enterprise's networks, information, and systems based on identification and authorization resources—the people, hardware, software, policies, and capabilities in place to manage the defense of the enterprise and to react as the situation changes), as well as to offer customized instructor-led training and sell telecom services. Utilizing varied scopes of engagement, they deliver recommendations which can be measured against best practice or compliance standards. For more information on cyber security, visit https://spohnsolutions.com.
Sources:
1. Coles, Cameron. "9 Cloud Security Risks Every Company Faces." Skyhigh, 16 June 2017, http://www.skyhighnetworks.com/cloud-security-blog/9-cloud-computing-security-risks-every-company-faces/.
2. "CASB: What Is a Cloud Access Security Broker? Watch Our Short Video." Skyhigh, http://www.skyhighnetworks.com/cloud-security-university/what-is-cloud-access-security-broker/.
3. Grachis, George. "Achieving Compliance in the Cloud." CSO Online, CSO, 15 May 2017, http://www.csoonline.com/article/3191542/cloud-computing/achieving-compliance-in-the-cloud.html.
4. "2017 Cost of Data Breach Study: Global Overview." Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview, 19 June 2017, http://www.01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03130WWEN&.
5. "Top 5 Risks of Cloud Computing." Calyptix Security, 22 June 2017, http://www.calyptix.com/research-2/top-5-risks-of-cloud-computing/.
Media Contact: Karla Jo Helms, JoTo PR, 888-202-4614, [email protected]
News distributed by PR Newswire iReach: https://ireach.prnewswire.com
SOURCE Spohn Consulting
iReach LastName, iReachCompany, 111-222-3333, [email protected]
Share this article