McAfee’s third annual cloud adoption and security report says 97 percent of organizations, including small businesses, now use cloud services from public, private, or a combination of both platforms. The bad news is 1-in-4 of organizations using the public cloud have experienced data theft.
2018 Cloud Adoption and Security Report
The McAfee report, “Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security,” looks at the state of cloud adoption and the challenges organizations face in protecting their digital assets. This year’s report also addresses concerns with private and public cloud services and the impact of Shadow IT. The term refers to IT resources built and used within an organization but without its explicit approval.
With cloud adoption nearing 100 percent, the technology is being used by organizations of all sizes. This includes small businesses who are beginning to appreciate the full benefit of cloud computing despite the risks.
In a press release, Rajiv Gupta, senior vice president of the cloud security business unit for McAfee, explains how businesses counteract the risk by having the right security protocols in place. Gupta says, “By implementing security measures that allow organizations to regain visibility and control of their data in the cloud, businesses can leverage the cloud to accelerate their business and improve the security of their data.”
The survey for the report was carried out between October and December of 2017 with the participation of 1,400 IT professionals. McAfee said a diverse set of industries and organization sizes across 11 countries took part in the survey.
When it comes to data theft, it is the number one concern of the IT professionals who were surveyed. This is because more than 25 percent of the IaaS and SaaS users have fallen victim.
McAfee attributes the problem to a shortage of security skills. Only 24 percent of the respondents said they are not facing skill shortages. This means 76 percent are experiencing different levels of shortages in cybersecurity skills.
Other Data Points
Asked what type of data these organizations store in the public cloud, 83 percent said they store sensitive information and 69 percent indicated they trust these public platforms to keep their sensitive data secure.
Again, this is despite the fact 1 in 4 organizations (or 25 percent) have suffered data theft while using the public cloud, and 1 in 5 have seen advanced attacks against their public cloud infrastructure.
You can download the full report here.
Best Practices and Recommendations
As the result of the study, McAfee has come up with three best practices organizations should adopt to ensure the security of their cloud infrastructure:
- Improve code quality and reduce exploits and vulnerabilities with DevOps and DevSecOps and Integrating development, quality assurance, and security processes within the business unit or application team.
- Automate with tools such as Chef, Puppet or Ansible. (McAfee says use of these tools is fundamental to modern IT operations. The same tools should be used when migrating to the cloud, the company says.)
- Move away from multiple management tools and deploy a unified management platform across multiple clouds to reduce the complexity and cost while increasing security.
The Cloud Has More Benefits Than Risks
Still, when all is said and done, the cloud offers too many benefits to ignore. Ninety percent of respondents trust it more now than they did a year ago. This is attributed to an increased knowledge of cloud technology. Native security and third-party integration for commercial security technologies have also made cloud technology safer as has an increased sense of responsibility by all parties involved.
As much as they claim that the cloud is secure. It really isn’t. You put your information out there so it is bound to get accessed by some exploiters.