Clouds cast long security shadow over enterprise IT

cloud shadow IT CSC Blogs

If you need more evidence that shadow IT is taking hold in enterprises, look no further than the most recent Intel Security Cloud Report.

The headline finding is that roughly 40% of cloud services are bought and used without the involvement of enterprise IT.

We’ve known that shadow IT has been a problem for quite awhile, but I suspect most of us didn’t think its prevalence was quite that high.

Depending on the nature of the data and the apps used by employees and business units, shadow IT can be very risky — or it could add very little risk at all.

For instance, a salesperson putting call notes in Google docs does not present an outrageous risk. But a research scientist putting notes in the public cloud that form the intellectual property behind the company’s next big product presents a significant risk.

The survey also found that:

  • 49% of professionals slowed cloud adoption due to a lack of cybersecurity skills
  • 65% think shadow IT is interfering with keeping the cloud safe and secure
  • 52% indicate a malware infection can be tracked to a cloud application
  • 62% store sensitive customer information in the public cloud

“The ‘Cloud First’ strategy is now well and truly ensconced into the architecture of many organizations across the world,” said Raj Samani, EMEA chief technology officer at Intel Security, in a news release. “The desire to move quickly toward cloud computing appears to be on the agenda for most organizations.”

There’s no doubt that the world is running to cloud systems. But these systems don’t secure enterprise apps and data on their own. Sure, the infrastructure and APIs may be reasonably secure — and cloud providers are making tools available to better secure devices — but everything enterprises do and build on these clouds must be kept safe. And, at the very least, enterprise IT needs to have insight into the apps and data that live in the cloud.

While cloud adoption by the IT department may be slowing down due to a lack of skilled cyber workers, employees and business units are not stopping their cloud adoption.

This is creating a challenge for IT departments, to be sure. Currently, only about 47% of enterprises think they have visibility into shadow cloud services. And 65% of IT professionals think shadow IT has made it more difficult to keep their clouds secured.

They’re not wrong.

RELATED LINKS

Where is the cloud workplace on the technology adoption life cycle?

What’s ahead for security and cloud adoption?

2017 will be a cloud buyer’s market as providers simplify and add capabilities

Comments

  1. I’m afraid that this just reads like FUD spreading. Can you give concrete examples of where and how a public cloud approach is less secure (whatever that means) than using owned systems. It’s quite hard to imagine an attack on public cloud that’s not much easier with owned systems.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: