Adopting the cloud technology has become a norm right now. According to an Intel-McAfee report over 93 percent of organisations are now adopting cloud services. “The ‘Cloud First’ strategy is now well and truly ensconced into the architecture of many organisations across the world. The desire to move quickly toward cloud computing appears to be on the agenda for most organisations,” said Raj Samani, EMEA chief technology officer, Intel Security.
Public cloud is the popular choice
One major trend to take to note of is the fact that the organisations are no longer shying away from the public cloud and are even using the public cloud services to store certain mission critical data. Even in a market like India, where cloud adoption is just about taking steam, public cloud services are expected to show an impressive growth. According to Gartner Inc, the public cloud services market in India is projected to grow 38 percent in 2017 to total $1.81 billion. Says Intel’s Samani that the trust and perception of public cloud services continues to improve year over year; and organisations are viewing cloud services as or more secure than private clouds.
The attractive factor is the low cost of ownership and overall data visibility. “Those who trust public clouds now outnumber those who distrust public clouds by more than 2-to-1. Improved trust and perception, as well as increased understanding of the risks by senior management, is encouraging more organisations to store sensitive data in the public cloud. Personal customer information is the most likely type of data to be stored in public clouds, kept there by 62 percent of those surveyed,” explained Samani. This was revealed in the recent Intel Security’s second annual cloud security report, “Building Trust in a Cloudy Sky.”
In India the highest growth in public cloud services will continue to be driven by infrastructure as a service (IaaS) which is projected to grow at 49.2 percent in 2017, followed by 33 percent in software as a service (SaaS) and 32.1 percent in platform as a service (PaaS). “We see increased cloud growth in the infrastructure compute services space as adoption becomes increasingly mainstream. Additional demand from the migration of infrastructure to the cloud, as well as increased demand from compute intensive workloads, both in enterprise and startup space, is driving this growth,” said Sid Nag research director at Gartner.
In many large enterprises, there is also the growing adoption of the hybrid cloud model. As per Intel Security report, hybrid cloud use has increased from 19 percent to 57 percent. “This move to a hybrid private/public cloud architecture requires the data centre to evolve to a highly virtualized, cloud-based infrastructure. On average, 52 percent of an organisation’s data center servers are virtualized, 80 percent are using containers and most expect to have the conversion to a fully software-defined data center completed within two years,” the report states.
Security in the times of Cloud
While cloud adoption is seriously a good thing, but this brings to fore, the issue of cloud security. The Intel Security report shows that, due to the ease of procurement, almost 40 percent of cloud services are now commissioned without the involvement of IT. As a result, 65 percent of IT professionals think this phenomenon is interfering with their ability to keep the cloud safe and secure. This is not surprising given the amount of sensitive data now being stored in the public cloud. In fact, 52 percent of respondents say that they have definitively tracked malware from a cloud SaaS application.
“A number of obstacles are impacting the full migration toward cloud computing. One of these obstacles is something that has been discussed for some time now and confirmed by our recent survey, the talent shortage. The majority of enterprises have slowed their cloud adoption due to the lack of cybersecurity skills on their staff,” explains Samani. According to Intel Security’s cloud security study, almost half of the organisations surveyed report the lack of cybersecurity skills has slowed adoption or usage of cloud services.
This is also leading many organisations to keep their most sensitive and mission-critical data in private data centres. But sources at Intel Security say that this may actually up the cyber theft risk. That is why experts are recommending that public clouds offer a more secure environment than private cloud set up since public cloud infrastructure has deeper and broader security resources.
Organisations need to evolve toward a risk management and mitigation approach to information security, since attackers will look for the easiest targets, regardless of whether they are public, private or hybrid. In their Cloud First strategy, enterprises need to put security operations in a proactive position instead of a reactive one. They will need to look at integrated or unified security solutions that provide visibility across all of the organisation’s services. Security technologies such as data loss prevention, encryption and cloud access security brokers (CASBs) should be integrated with an existing security system to increase visibility, enable discovery of shadow services, and provide options for automatic protection of sensitive data at rest and in motion throughout any type of environment.