Four in five execs think conventional security is not enough for cloud environments


Earlier this week, this publication reported on a C-level study which showed a distinct lack of trust in cloud storage for fully securing corporate data. Now, a new survey from CloudPassage sheds light on the security executive perspective; 80% of security execs in North America don’t believe conventional network security solutions are enough to protect their cloud computing environments.

This is an interesting finding, not least because the amount of IT real estate based in public, private, or hybrid cloud environments is expected to reach 58% in the next 18 months compared to 43% today, according to the respondents. Similarly, while two thirds of customer data resides on-premise, that number is expected to fall to 50% in 18 months with 31% in private cloud and 19% in public cloud – so the pressure is on.

There were not many surprises when respondents were asked on the top drivers for adopting cloud infrastructure; improved agility and scalability (74%) won out ahead of cost efficiencies (67%), reduced IT overhead (60%) and faster time to market (55%).

Surprise, surprise, security concerns (66%) in general were the number one barrier impeding cloud infrastructure deployments, ahead of reconfiguring systems and applications (52%) and lack of confidence meeting compliance requirements (37%) – an issue spotted in another recent study, this time from Forrester. Only 4% said they had no concerns with cloud infrastructure deployments.

According to 65% of survey respondents, it takes three months or longer to deploy a new security solution for their cloud infrastructure environment, which leaves enterprises open to new threats and vulnerabilities which may emerge during deployment time. Only 2% of those polled said they were not concerned with the security of customer data residing in the public cloud.

Mitch Bishop, the chief marketing officer of CloudPassage, bemoaned how concerns about cloud security “continue to dog the industry.” “The plethora of point solutions on the market are overwhelming and confusing for security teams,” he said.

“A whopping 77% of survey respondents are experiencing tool fatigue and want a single solution for visibility, enforcement and compliance that is on-demand, deploys in minutes, fully automates a majority of security functions, and works across all their infrastructure: private, public, hybrid clouds and even bare metal servers.”

You can look at the full study here (email required).