Study: Cloud Security Improving But Far From Fixed

By Ken Presti
March 08, 2013 5:30 PM ET

Page 2 of 2

Concerns about authentication are also very commonplace. According to the survey, only 29 percent of the respondents expressed confidence in their organizations' ability to identify and authenticate users before granting access to cloud resources or infrastructure. This is a decrease from 34 percent in the 2010 study. Meanwhile, confidence in the authentication procedures related to on-premise networks rated much higher at approximately 60 percent.

"Authentication and access management is a highly complex process under the best of circumstances, and when you introduce the cloud you add even more complexity," explained Ponemon. "Adding the cloud to the mix creates a big mess. Companies are starting to look at different options and one of those options is to have basically one system that regulates both cloud and on premises. These hybrid concepts appear to be very appealing to the respondents."

Overall, Ponemon recommended that solution providers advising cloud customers focus on two critical areas. The first is the relative security of each respective cloud provider, and the second is taking a careful approach to what types of applications and data are used in the cloud.

"The first thing I would do is to try to ascertain whether the cloud provider is certified based on a reasonable security standard, like an ISO27001, or NIST standard or FISMA," he said. "A certification is a good indicator, but it's not a great indicator because certifications can be outdated, or they can target issues that are not relevant to that particular customer. Channel partners should also make sure that there's a clear understanding about who is responsible for security. Lately there has been a lot of security systems built specifically for the cloud, such as various types of encryption technologies, or the ability to switch off ports when some form of anomaly is detected. Beyond that, you should think twice about whether to let sensitive data go to the cloud. But in general each company has to make that decision on their own."

PUBLISHED MARCH 8, 2013

<< Previous | 1 | 2

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Cloud

Comments by Vanilla

	AVG CloudCare: 5 Cool Features For Remote Virus Protection Whether managing one store or many, CloudCare is free until customers pay the fee.
	Top 10 Things To Know About Cisco's Push To The Cloud Cisco's message to partners at the 2013 Partner Summit in Boston was all about cloud. Executives called partners to embrace the cloud and assured partners Cisco is here to help.
	6 Tips To Mapping Out Cloud Migrations Rackspace provides key themes that partners and customers need to consider when planning their cloud migrations.
	More Slide Shows