Organizations for sure want to migrate to cloud services for it offers a plethora of benefits. It increases productivity, it is scalable and offers flexibility to work from anywhere across the globe. But enterprises have this nagging doubt about the sensitive corporate data that will be freely available in the cloud for shared as well as private cloud services. As per a new survey, the enterprises tend to think about where their data will be located and how it will be protected from unauthorized access and data breaches. A survey on about 1000 IT decision makers yielded the result that for sure about 60% of their IT environment will be in public, private or hybrid clouds. Of the things concerned regarding the deployment of cloud services, 43% respondents were worried about where the data is stored and 41% regarding its security. That doesn’t come as a surprise given the spate of data breaches that have occurred with even the big companies being the victims of such vicious attacks. But all these don’t necessarily mean that cloud services lag in security than the on-premise deployments. Organizations needing to migrate to cloud-based services face challenges with cloud visibility and security particularly in multi-tenant cloud environments.
Cloud application vendors have indeed invested large amounts in getting right the security aspects and thanks to it that the organizations aren’t suffering the major hacks that many had predicted. But, the security still lacks in the challenges of getting full cloud visibility. The multi-tenant cloud environment is an area of concern and it is difficult to intercept and inspect the data in motion. In such scenarios, even finding where the data is kept may be an issue. The data is stored in logical pools which are the physical storage that spans multiple servers in a cloud computing environment. With servers located in various places, to pinpoint the exact portion of the stored consumer data becomes complicated even for the cloud providers. When the vendor does provide information about the location, it becomes ‘easier said than done’ for the customer to confirm that it is accurate. The vendors start to feel that they are taking the vendors word for it. This being a problem, many vendors are taking up the challenge of visibility and transparency seriously.
The best solution on the consumer part would be to make things clear with the cloud vendor. The consumers, be it organizations or individuals need to insist that the cloud vendors explain in detail about how they operate, maintain and secure their cloud infrastructure. If the customer is not satisfied with the answers provided by the cloud provider about where the data is stored, then it is always better than they look for additional sources of security. The enterprises before selecting a cloud provider should ask queries regarding the cloud visibility and security of the data and the network so that there will be no challenges later. Correct deployment of cloud security solutions like the CASB solutions always help enterprises to protect their data against unauthorized access and help to meet the cloud visibility and security challenges. It is no surprise that 46% of the survey respondents were of the opinion that the cloud service providers’ security solutions have to meet their cloud compliance requirements before the start of cloud deployment. But the fact is that the vendors needn’t always share their proprietary security information and only the big companies usually get the reports from the cloud providers.
Leading cloud service providers have moved ahead and started to document and certify their cloud solutions. But finally, it is up to the enterprises to evaluate their cloud service provider. Now there is a growing market of vendors providing third-party visibility, monitoring and security services. Also, there are CASB vendors who provide solutions to help enterprises secure their data in the cloud. CASB solutions combine various techniques like IP restrictions, DLP solutions, single sign-on (SSO) etc., which not only helps in cloud visibility and security, but also help enterprises in meeting their compliance requirements. It is the duty of enterprises to ask the cloud service providers, information about their data and deploys CASB solutions so that their data remains safe against unwanted breaches as well as their need of cloud visibility requirements are met.