• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Cloud Computing   »   Seeing is believing: How providers are quelling clients’ cloud security worries

Seeing is believing: How providers are quelling clients’ cloud security worries

  • Posted on:July 10, 2015
  • Posted in:Cloud Computing, Industry News, Vulnerabilities & Exploits
  • Posted by:
    Jon Clay (Global Threat Communications)
0
Cloud service providers are putting an increased focus on quelling their clients' security concerns.

Ever since the emergence of cloud technology, business leaders and IT managers have had concerns about hosting their critical applications and infrastructure off-premises. These worries are understandable: For years, these companies have kept this essential information within their own building, taking care of the equipment and updates themselves. While the cloud can offer a range of benefits – including cost savings and more time to focus on other important projects for the IT team – anxiety about the security of these platforms still exists in today’s technological landscape.

Now, cloud service providers are putting an increased focus on quelling their clients’ security concerns. Using several strategies, including tours of the actual facilities where data will be housed, these vendors are putting their customers’ worries to bed, and helping them enjoy the full benefits of the cloud.

Cloud security: Still a top concern
According to a 2015 study from Bitglass, cloud security is still a top concern held by today’s IT leaders. Reporting on the survey, SecurityWeek contributor Eduard Kovacs noted that 90 percent of the 1,000 IT and security professionals participating in the survey said they were still moderately to very concerned about the security of public cloud solutions in particular.

In fact, the report found that security concerns are still a main barrier against adoption of the technology. Nearly half – 45 percent – of businesses hesitate to adopt the cloud because of worries about the general security of the platform. Another 41 percent were concerned about potential data loss and leakage, and 31 percent were hesitant about the loss of control over critical assets.

Although, in many industry circles, the cloud has become an irreplaceable part of enterprise infrastructure, these remaining worries have been enough to slow the overall uptick in adoption.

Gartner: Be concerned about the right threats
According to Druva contributor Paul Ferrill, Gartner acknowledged that worries still existed about cloud security. However, the firm pointed out that IT leaders and business managers should focus their concerns on the right elements. Gartner analyst Jay Heiser pointed out that oftentimes, enterprises expend their efforts on hypothetical risks that aren’t likely to impact their infrastructures, and are therefore a waste of time. Making matters worse are highly public events that put a negative light on cloud services, making decision-makers second guess the technology, even though the platform involved in the event is not the cloud service they use or are evaluating.

“In reality, Heiser explained, the most common forms of security breaches involve some kind of information-gathering such as a phishing attack,” Ferrill wrote. “Other breaches have some action on the part of an employee, either deliberately or by mistake. Both of these cases involve a form of human error which, at best, is difficult to detect and even harder to prevent.”

In this way, Heiser pointed out that it isn’t the cloud services that are failing, it is the customers.

Quelling cloud security concerns
As a result of this landscape, where an accidental or purposeful action on the part of an employee can lead to considerable risk, Heiser recommended putting policies and procedures in place to help govern the use of the cloud. These standards can help prevent human error that can lead to a breach.

“At the end of the day, it is your responsibility for defining and implementing specific security measures for the entirety of the IT operations. regardless of where the services are based,” Ferrill noted.

Data center tours
Some providers are taking a different approach to reducing security concerns through data center tours. Channelnomics reported that some vendors, including Equinix partner Unitas Global, have found that bringing customers into the facility and enabling them to see security measures with their own eyes, has made a big difference.

“Security is both the physical and how you can get hacked or how people can get into your systems,” said Patrick Shutt, Unitas Global CEO. “If you’re an enterprise CIO and [your] top reason for not wanting to go to [the] cloud is security, once you get through these discussions, do the tour of the facilities and understand that it is all dedicated and solely private to you, you sort of change your mind on the issue.”

Shutt said many CIOs leave feeling more confident about migrating to the cloud as the facility was more secure than they thought, or more protected than an on-premises infrastructure.

Related posts:

  1. Cloud security best practices: Benefits of cloud encryption
  2. Enterprises still lack confidence in cloud service providers’ security practices
  3. The evolving roles of service providers and third-parties in ensuring cloud security
  4. Study: Cloud providers and users think differently about security

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Cloud-based Email Threats Capitalized on Chaos of COVID-19
  • Detected Cyber Threats Rose 20% to Exceed 62.6 Billion in 2020
  • Trend Micro Recognized on CRN Security 100 List
  • Trend Micro Reports Solid Results for Q4 and Fiscal Year 2020
  • Connected Cars Technology Vulnerable to Cyber Attacks
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.