The Cloud Security Dilemma
How do you balance the productivity of cloud apps against the risks they bring?
There is more than just hype when businesses discuss their transition to the public cloud. Cloud apps help businesses improve operations faster than ever before, and as a result, public cloud use is rapidly becoming a business standard. But optimism is blinding some business executives, leaving cloud security risks unaddressed. The rapid expansion in public cloud use isn’t followed with a similarly rapid expansion in cloud security.
According to recent survey results from Intel, 40% of businesses are failing to protect files located on SaaS with encryption or data loss prevention tools, and even fewer use anti-malware. Meanwhile, IT pros report an average of 2.7 attacks a year. Something has to give! Instead of more emphasis on security, we are witnessing a step back with more data leaks and loss than ever before.
The security problems that accompany cloud apps will probably get worse before they get better. Businesses who transition to the cloud without cloud security in mind will face serious risks that include data breaches, non-compliance, and personal data leaks. But, with better accounting, a business transitioning to the cloud isn’t destined to fall into the same trap as everyone else.
Part of the cloud security problem is that executives are focused on the overall business benefits the cloud provides, and their optimism outweighs their security concerns. Executives think IT pros have security handled, but IT pros see the risks and the attacks that occur regularly.
While IT personnel don’t want to impede executives’ goals, they face a conundrum if they also want to maintain strong security in the cloud. They can’t uphold digital security without access to additional resources. Executives see major cost savings in the public cloud, but they need to account for additional security expenses to safely transition. Therefore, IT pros need to convey the risks and accurately forecast the costs of cloud security up front, so that it’s included in the transition to the public cloud. Including the security expenses during the transition is a much better bet than waiting until there is an emergency and asking for additional funds further down the line.