The shift to the cloud has significantly increased the risks to data security, although the cloud itself is not necessarily to blame. As has been demonstrated, many cloud purchases are made outside the control or oversight of IT, creating a dangerous Shadow IT environment that, when left unmanaged, places corporate data at risk. At the same time, organizations have struggled to adapt their security technologies, with legacy security tools leaving gaps in data security.
In an article on Search Cloud Security, columnist Jaikumar Vijayan spoke with a number of security experts about the challenge traditional security tools have in addressing the risks associated with the cloud environment. Although much of the article looks to a full cloud service adoption, the same struggles apply to the use of SaaS cloud applications, particularly given that the average organization can have up to 841 cloud apps in use.
SANS analyst Dave Shackleford noted that “among the key security capabilities missing in modern dynamic data centres and clouds are visibility, rapid attack identification and fast, accurate and automated containment.”
Challenges in Cloud Security
Another major note was that cloud infrastructure “will never protect itself” and that relying on in-built security is a major security oversight that many organizations are making.
The article notes that visibility is one of the key challenges in cloud security:
Back when everything was on premises and there was a perimeter around your applications and infrastructure, it was easy to see all of the data flows into and outside of the organization and keep tabs on who was accessing what, where, when and how.
That task becomes more complicated when some of your data and applications are on premises and the rest are in the cloud and people are accessing them from PCs and mobile devices from behind the firewall and from outside.
Visibility, delivered in real-time in a simple cloud-based interface, is what we offer here at Absolute. Absolute DDS offers true visibility into the endpoint: the device, the data it contains, the data held in the cloud, and even the applications themselves. Identify risk conditions and receive a notification if these conditions occur. Scan for sensitive data on the endpoint or on cloud storage applications and tailor your security response based on the results. Validate the status of complementary security applications such as encryption, anti-malware, and SCCM with an automatic zero-touch reinstallation if these applications are tampered with.
With Absolute Data & Device Security (DDS), you can simplify visibility into both the endpoint and the cloud. Learn more at Absolute.com