Cloud Adopters Balancing Cost Savings, Security
Cloud security vendors are betting that more enterprises are looking to outsource their security operations just as they have turned over management of parts of their IT infrastructure to public cloud suppliers. A new study released this week by a cloud security-as-a-service vendor finds that about half of those surveyed are investing more in security operations after adopting cloud computing.
A separate survey also released this week concludes that IT managers are still struggling with the tradeoffs between cost savings and security concerns as they shift to the cloud. That tension is among the reasons why more enterprises are embracing hybrid cloud infrastructure.
The survey of 100 U.S. and U.K. cloud security specialists by Forrester Consulting also found that just under half of cloud adopters are instituting new cloud security and controls while 46 percent said they are reevaluating security operations across their entire IT infrastructure.
Ben Matheson, chief marketing officer for survey sponsor Alert Logic, Houston, argued that the results underscore a shift to supplementing cloud security operations with vendors like Alert Logic offering "cloud-native technologies and fully managed services."
Among the reasons for outsourcing security operations is the difficulty of recruiting cloud security experts along with a shortage of technical resources needed to run an in-house security operations center, the company argues. A hefty 79 percent of respondents responsible for cloud security said they welcome outside help in running cloud security operations. Their biggest challenges included managing security content, identifying and blunting "multi-vector" attacks and the high cost of cloud security, the survey found.
The Forrester survey also found that IT administrators are turning to outside help for capabilities like threat intelligence analysis (83 percent) as they seek to develop real-time threat detection capabilities. Also cited were assistance for securing public clouds (80 percent), overall security operations (77 percent), network security along with data privacy and regulatory compliance (both 76 percent).
In a separate cloud adoption survey released this week by IT management specialist Veritas Technologies, cloud infrastructure managers were nearly evenly split on the tradeoff between cost savings and lingering cloud security concerns. While more than one-third of 500-plus respondents cited cost as the key driver for moving to the public cloud, more than half said security and "protection architectures" remain the primary reason for avoiding the public cloud.
Curiously, security was cited most often by those who have shifted workloads to public clouds, prompting the survey authors to note, "public cloud vendors need to better articulate and promote their security capabilities and successes."
The Veritas survey also confirms the steady shift to hybrid cloud infrastructure, revealing that a "sizeable number" of respondents reported that critical workloads, backup and recovery as well as disaster recovery and databases remain on-premises.
“This world is more—not less—heterogeneous, which can mean increasing complexity from an information management perspective," Simon Jelley, Veritas vice president of product management at Veritas Technologies, noted in a statement releasing the survey findings. "Organizations must be more vigilant than ever in identifying IT blind spots and potential security risks to avoid unplanned downtime or an information crisis."
