There is a lot of noise out there regarding the security related buzz with some claiming that on-premise solutions are more secure while others claiming that the cloud is better. It is time to separate the wheat from the chaff in terms of security on the cloud. Let us examine the truth about the cloud and its security aspects.
According to a market report, the demand for cloud security solutions is one of the fastest growing segments in the security products and services market and is expected to reach a valuation of USD $ 9 billion by 2020. This is because of the high demand for cloud based solutions due to the competitive advantage that they offer to users. Security and the cloud were listed by over 35% and over 30% of IT executives respectively as the top priorities for IT initiatives as per a 2015 industry report.
Though it is a secure platform, data breaches may still happen on the cloud just like in any other IT environment. Appropriate contingency procedures & security policies and back up protocol would prevent it, contain the damage in case of a breach and initiate corrective actions. Even on-premise systems do face the similar security threats due to hacking, malware etc and cannot claim to have a better security performance when evaluated against the business advantages offered by the cloud. No environment can claim to have a better insulation against security threats than the others.
With the infrastructure and the high quality intellectual capital of the large and established cloud service providers, the security competence of multi-tenant environments like the cloud is better than that of standalone firms using on-premise solutions.
In the debate between the public cloud and the private cloud, it does not mean that because the private cloud is not exposed to the internet, has more control over data, has better compliance to HIPAA/PCI standards and is therefore more secure. Actual security competence would depend on how you use the technology platform, what sort of policy and protocol are in place and enforced and the nature of the solution used as well as its integration on the cloud.
Storage on the cloud is important but has challenges that must be met. When users think about the cloud, the storage and backup services are foremost in their mind as they are a key data protection and security concern. Almost half of all respondents in an industry survey felt that the storage aspect was the most risky cloud application followed by those that deal with finance or accounting. This is due to the sensitive data on the cloud but be assured that appropriate data protection measures are in place in the better cloud environments and applications.
Employees could be possible threats and a 2015 industry report has said that employees caused 60 % of security breaches in the past year. This is compounded by the recent threat of BYOD diversity in which employees use their personal devices to access the cloud solution leading to possible security issues. Now cloud adopters are asking to assess security of the cloud in terms of their unique requirements before they adopt it. Appropriate permission protocol, security audits, maintenance of user logs etc are some of the measures that might help. The space of security to address BYOD diversity relating to the cloud is evolving rapidly and will see rapid development soon.
As the IoT adoption grows in accessing the cloud, it will create more vulnerability to security attacks via the cloud application that integrates their environment with IoT devices. However, this space is in a nascent stage as we speak and the security measures will improve with it as it adopted on a large scale. After BYOD diversity is tackled in terms of cloud security, IoT security on the cloud will be the new challenge.
The sad part is that a lot of cloud users do not have appropriate security policies or protocol in place and they just put the onus on the service provider or the solution provider. This is a big mistake. As per a cloud industry report on security aspects, over a quarter of cloud users do not have data security policies/procedures, more than 68% do not have any policies in place and over 6% were not aware if they have a policy in place. These figures point towards a lack of responsibility of a large bunch of users that were unaware about the criticality of security policy/protocol and would just indulge in finger pointing when a breach occurs without playing their part to prevent it.
Also, the right security tools are not being used by those operating in a cloud environment. As per an industry report, about 60% of users are still using VPN connections, but only a third of them are using firewalls or encrypting data for better security, only 15% were using measures to secure sensitive data.
While the responsibility of the cloud environment cannot be taken away, the solution provider and the user must also play their part to prevent against security threats.
The cloud is already the preferred choice for solutions due to its affordability, easy & anytime/anywhere access, lower financial & investment entry barriers as well as minimal set up times.
We at VersAccounts have created a secure cloud based one stop comprehensive ERP solution. It addresses key security concerns in the most effective manner possible. It is affordable and targeted towards SMB’s and is backed by a promise of dedicated support. It is being used by clients in diverse verticals and could help you redefine the way you operate and grow your business.
We’d love to hear from you.
To know more, please visit www.versaccounts.com or contact us directly.
Reference and further information: