Monumental changes in information technology are driving the evolution of security and demand for increased protection of mission-critical applications and data in the private sector. The advent cloud and mobile computing and the increased presence of advanced persistent threats (APTs), for example, are forcing professionals to rethink strategies.
At the recent InfoSec IT conference in London, several security trends were examined by IT executives from around the globe. Cloud computing was one of the main topics of discussion, as the technology, in its relative infancy, is revolutionizing nearly every aspect of business in every industry.
Cloud computing concerns
While the cloud itself is not necessarily a threat to sensitive information, the unknowns surrounding the hosted environments are causing decision-makers to reconsider what data and applications should be migrated to the virtual platforms, according to an Enterprise CIO Forum report.
The fears surrounding the cloud are forcing organizations to implement robust data protection tools. This sometimes includes advanced encryption technologies and taking a data-centric security approach, which monitors the safety of information, regardless of its location.
Some companies are also choosing to compromise and adopt hybrid clouds, which enable IT departments to migrate fewer sensitive systems to externally hosted environments and maintain mission-critical applications and data on site in private clouds.
"Hybrid IT is the new IT and it is here to stay," Gartner managing vice president Chris Howard said in a separate report. "While the cloud market matures, IT organizations must adopt a hybrid IT strategy that not only builds internal clouds to house critical IT services and compete with public [cloud service provders] but also utilizes the external cloud to house noncritical IT services and data, augment internal capacity and increase IT agility."
Cloud computing isn't the only concern companies are forced to face, however, Enterprise CIO Forum noted.
Mobile trends bring new worries
Currently, the BYOD (bring your own device) phenomenon is a major security concern for IT departments. As the consumerization of IT continues to drive the use of smartphones, tablets and other gadgets in the office, companies are forced to adapt to the fact that sensitive information can be accessed virtually anywhere on any platform. As a result, data loss is a much more present fear than it was in the past, Enterprise CIO Forum noted.
A recent survey by FishNet Security found that mobile computing is the top 2012 data security concern for more than one-third of IT professionals. Another 30 percent of respondents said they believe mobile devices will be the leading cause of data loss in the coming year, especially as more organizations adopt BYOD plans without enforcing robust protection programs.
The consumerization of IT should push IT departments to develop data-centric security tools so information can remain safeguarded wherever and however it is accessed.
Companies fear APTs
APTs are commonly recognized as cyberthreats that utilize a wide range of tactics to consistently assault sensitive information. These invasions are becoming more common and, as a result, decision-makers are recognizing the potentially devastating damage they can introduce to the corporate network and a business' confidential records, Enterprise CIO Forum said.
A recent study by Wave Systems founds that almost half of companies believe they don't have the proper tools to detect and eliminate APT attacks. Since these threats can remain dormant for long periods of time before they attack, the demand for technologies capable of preventing these assaults are becoming more widely demanded by organizations around the world.
Data privacy risks continue to be problematic
The proliferation of social media resources, like Facebook, has also introduced the possibility of unintentionally exposing personal information. Meanwhile, Google and other companies often have large volumes of private information regarding consumers, which they sometimes sell to companies looking to gain insight on online behavior. Citing a study by Axway, Enterprise CIO Forum noted that more than one-third of all complaints to the the U.K.'s Information Commissioner Office since 2010 have regarded breaches exposing personal records.
"Alarming as that figure is, it comes as no surprise that consumers in the U.K. are uniting in voicing their concerns about how their personal identifiable information is being leaked by trusted private and public organizations without their knowledge," Axway's John Thielens said, according to Enterprise CIO Forum.
As organizations continue to experience data security problems, decision-makers need to take initiative to prevent risks from damaging reputations, pushing customers away and exposing confidential records. Data security will continue to be a major issue that IT departments need to address in the coming years, especially as technologies advance and continue to find their way into the private sector.
Data Security News from SimplySecurity.com by Trend Micro