Are Organizations Overconfident About Cloud Security?

By: Arieanna Schweber | 9/26/2016

Given the ever-increasing number of data breaches, organizations have been struggling to regain control over data security. Some do this by shifting their corporate data from data centres to the public cloud. But, is this more secure, or does it instead result in a dangerous overconfidence about the state of data security?

Overconfidence is not a new phenomenon when it comes to data security. Many studies have established a dissonance between an organization’s confidence level in its own network security, endpoint security and the reality of rising data breach rates. We’ve also seen organizations place too much trust in employees, when insider threats continue to be the root cause of most data breaches. There’s also the risk that high profile breach coverage can negatively skew perceptions of data security and subsequent security spending.

Does the Public Cloud Offer Better Data Security than Private Data Centres?

A recent survey conducted by SADA Systems, 51% of the 210 IT executive respondents are more confident in the security and reliability of public cloud than they used to be. As a result, more companies are running more data and applications on public cloud infrastructure. The same percentage of respondents now believe that the public cloud offers better data security than their own data centres. But is this confidence misplaced?

Well, it depends. While it's true that large public cloud organizations have teams dedicated to staying on top of security, the recent Dropbox breach demonstrates that no organization is invulnerable to breach. Whether their data is in the cloud or stored in a private data centre, some organizations may overlook critical areas of data security by placing too much confidence third-parties.

How Cloud Adoption and the Endpoint Have Grown Together

One of the main drivers behind cloud adoption has always been mobility. The increased pressure to work from any device, any time, has propelled employees to find ways to share data across devices. Corporate-sponsored cloud data storage—or the growth of cloud use in the Shadow—is all about providing data to the endpoint. As endpoints are the main point of access for all this data in the cloud, securing the endpoint is critical.

The storage of sensitive corporate data on unauthorized Cloud-based applications such as Dropbox, OneDrive, iCloud, and Box can lead to costly data breaches. According to the 2016 Shadow Data Report, the average organization uses 841 cloud apps, and nearly all these applications lack enterprise-grade security and compliance features. We can't overlook security on the endpoint just because the data is “securely” stored in the cloud.

Absolute is helping confront the dangers of Shadow IT and Insider Threats with Absolute Endpoint Data Discovery (EDD), which comes as part of Absolute DDS. With Absolute DDS, you can determine if sensitive data is being stored on endpoint devices, even if stored in cloud applications. You also get access to remote capabilities to wipe data and remediate security threats. Whether you download sensitive data to your device from the corporate data centre or the cloud, the endpoint still needs to be protected. To learn more, get started with your free evaluation version of Absolute DDS today.

Financial Services