IT managers are struggling to reconcile the realms of cloud computing and data security, according to a study from AccelOps (PDF), a maker of security information and event management (SEIM), performance and availability monitoring software. And it's holding enterprise cloud adoption back.
In general, IT managers are struggling with BYOD, data control and staving off potential data loss. Enforcing security policies and gaining visibility across cloud-based and on-premise infrastructure resources round out the top five concerns among the 176 IT security professionals surveyed by the company.
Those concerns appear to be well founded and users are doing their part to exacerbate them.
In a recent study from Symantec, 43 percent of those polled by the company copped to having lost data that was parked on the cloud. Although it is possible that their cloud service providers suffered a failure or outage, the likeliest cause was human error, said to Dave Elliott, senior manager, Global Cloud Marketing at Symantec.
Elliott told Datamation,"The user could have accidentally misplaced the data and literally just could not find it."
In its study, AccelOps discovered that 65 percent of organizations have hopped on the cloud services bandwagon. More often than not, mission-critical applications and data don't come along for the ride. Just 46 percent said that they allow critical data to leave the confines of their data centers. Even fewer have faith that their IT toolsets can keep their data safe in the cloud.
AccelOps said "...39 percent of respondents believe that their existing SIEM and infrastructure monitoring tools are not acceptable to support their cloud security and regulatory compliance requirements."
It doesn't help matters that the blame falls largely on internal IT staff when things go awry. Seventy-eight percent said that their in-house IT departments were responsible for cloud security while just 13 percent placed that burden on managed services providers (MSPs).
Divisions also emerged on the service-level agreement (SLA) front. In terms of security and access control, 51 percent reported that they were "moderately to extremely satisfied." A good number, 41 percent in fact, seem to simply have accepted their lot and claimed that they were "neither satisfied nor dissatisfied."
AccelOps CEO Flint Brenton believes that in the face of tumultuous cloud and mobile device markets, the industry could do a better job of helping organizations successfully transition their workloads to the cloud. "There is much work to be done to ensure that security threats and the risk of data loss associated with cloud environments are minimized," he said in a company statement.
"The myriad of cloud services and an ever-changing BYOD landscape means we can no longer simply lock down access to sensitive resources; we have to do a better job of monitoring, correlating and analyzing infrastructure behavior and events to recognize and respond to incidents in real-time," added Brenton.