Networking

12:41 PM
Connect Directly
RSS
E-Mail
50%
50%

Businesses Hazy On Security Of Cloud Applications

Nearly two-thirds of organizations don't have a complete picture of what resources their employees are accessing, finds a Courion survey.

Slideshow: Cloud Security Pros And Cons
Slideshow: Cloud Security Pros And Cons
(click image for larger view and for full slideshow)
Who is accessing business data stored in the cloud? Apparently, many organizations don't know. Indeed, a new study found that nearly 48% of businesses "are not confident" that an audit of their cloud applications would find that only authorized users were accessing the business's cloud applications. That finding comes from a survey of 384 business managers from large enterprises, conducted by identity access and management provider Courion.

The survey also found that 61% of organizations -- compared with 53% in a similar survey conducted last year -- said they have limited, at best, knowledge of which systems and applications employees are accessing. Furthermore, 16% suspect that their cloud applications are being inappropriately accessed, but said they don't know how to identify unauthorized users.

Not surprisingly, while last year 58% of organizations weren't confident that they could prevent terminated employees from accessing one or more IT systems, this year that statistic increased to 64%.

Account access oversights make it difficult to ensure that only authorized personnel have access to sensitive information stored in the cloud. In addition, said Courion, lack of oversight also increases the threat from so-called zombie accounts -- "accounts that remain active after employees have left the company or changed roles." Zombie accounts increase the risk of data theft, either by malicious insiders or former employees, or else by outside attackers who manage to break into the account.

Another way in which cloud security often lacks oversight: 78% of respondents said there is no "single party" responsible for ensuring that business data in the cloud remains secured, and many are unclear on who should assume that role. Roughly two-thirds of respondents think both customers and cloud application providers are responsible for security, but 13% aren't sure where the ultimate responsibility should lie.

From a risk standpoint, companies are split on which is the bigger threat: inside attackers or external cybercriminals. This year, 57% of respondents said that their biggest security concerns involved external IT threats, up slightly from 54% last year.

Comment  | 
Print  | 
More Insights
Hot Topics
8
White-Box Switches: Are You Ready?
Tom Hollingsworth 7/28/2014
7
Understanding IPv6: Link-Local 'Magic'
Denise Fishburne, Cisco Champion,  7/24/2014
4
Network Security: An Oxymoron In The Cloud Era?
Rajat Bhargava, Co-Founder & CEO, JumpCloud,  7/22/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed