Fortunately, the hesitation surrounding the cloud is often unsubstantiated. Gartner anticipates that through 2022, at least 95 percent of cloud security failures will be the user’s fault – not that of the cloud provider. As a result, it’s time for companies to revisit what they are willing to put into the cloud. According to Gartner Research Vice President Jay Heiser, companies need to change their line of questioning from “Is the cloud secure?” to “Am I using the cloud securely?”
Embracing cloud security starts with accepting the reality that embracing the cloud itself introduces a model of shared security responsibility. Successful partnerships are based on a mutual understanding around which party assumes responsibility for each component. Under a shared responsibility model, cloud service providers take on the responsibility of securing the infrastructure running applications and storing all the data in the cloud. Companies have the responsibility for the actual usage including monitoring configurations, user activity, suspicious network traffic as well as host vulnerabilities.
“By embracing the shared responsibility model, companies are working together with the cloud provider to ensure that data remains safe and secure over time,” says Michele Barletta, security product manager for MindSphere in the Digital Industry division of Siemens AG. “This is crucial because resources and systems are constantly changing. It’s important to track those changes when adding more data to the cloud. The security controls need to stay up to date to maintain security expectations.”
Of course, when selecting a cloud provider, companies need to do their homework and every company needs a cloud strategy, which includes paying close attention to cloud security and compliance.
Interested in learning more about how to protect your data in the cloud? Download our Ask the Expert, “Time to Clear the Air on Cloud Security,” to learn more about keeping cloud storage safe.