With an increasing amount of corporate data residing in the cloud, enterprises must wrestle with new security challenges daily. These are not always easy to navigate and are dependent on any number of variables, reflective of context that can be either directly related to enterprises (e.g., line of business, supply chain) or totally out of their control (e.g., socio-political events). The priority for enterprises is the security of their data in cloud environments that are hosted and run by third parties. Regarding this, two contingencies come into play.
Protecting from Threats
First, enterprises need to ensure the protection of corporate data from active threats, such as theft and interception, primarily from threat actors. Some of these threats are run-of-the-mill types, with which enterprises are largely familiar as they also affect them on-premises; this makes them straightforward to deal with. However, there is also a category of threats that specifically target cloud infrastructure, and these are much more difficult to address, especially because they fall under the responsibility of the cloud provider, so the enterprise has limited ability to address them.
Second, enterprises need guarantees on the privacy of their data, and making sure it is shielded not only from malicious actors, but also from legitimate third parties, whether that is the cloud provider or other cloud tenants. Cloud platforms are more complex infrastructure than any one enterprise environment, with numerous compute and storage capabilities, backed by redundant and failsafe mechanisms. Just the basic operation and management of a cloud service can be complex for enterprises, requiring knowledge and expertise that they may not have. Misconfiguration or poor security implementation by the enterprise can easily happen, putting data at risk.
Corporate data are, therefore, vulnerable on several fronts, and the key challenge for enterprises is ensuring their confidentiality, integrity, and availability, in a manner that is consistent with how they deal with such issues when the data are uniquely under their control.
Enterprise Limitations & Cloud Complexity
Unfortunately, enterprises cannot always use the same tools and processes they have deployed on-premises to protect their data in the cloud. There may be technical limitations of appliances to function outside of company networks or additional requirements to subscribe to different product solutions altogether. They may also need new skills to know how to secure data in cloud environments. Even if these can be overcome, enterprises often incur costs to resolve these, such as increased spending or Information Technology (IT) overhead. These are all challenges that need to be addressed.
Enterprises also need to consider the complexity of managing their data across various platforms. It may be deploying a hybrid cloud or using multiple cloud platforms. This means that the challenges outlined above are multiplied by the number of deployment scenarios. Even between cloud platforms, there will be differences in how data security is managed. For instance, enterprise tools may work with one provider, but not another, and different tools may be offered by the providers themselves, which can add to both costs and the number of tools an enterprise has to manage.
Thus, while the cloud may provide benefits and cost savings with regard to storage or computing, it also makes data security management much more complex and fraught with issues that cannot easily be resolved by the enterprise alone. An adapted data security strategy is required for protecting data appropriately in the cloud. The key need for enterprises is finding a solution that guarantees security in the cloud, while being flexible and scalable, and without significantly increasing costs or complexity, both of which decrease the appeal of using the cloud in the first place.
Learn how technologies solve cloud security issues by reading the ABI Analyst Insight Protecting Data in the Cloud: Challenges, Technologies, and Requirements.