Organizations are moving their security to the cloud, but concerns remain
Handing security for an organization these days is a demanding and challenging task. Cybercriminals, hackers, malware, ransomware, and phishing attacks are all threats targeting many businesses.
To ease some of the burden, many organizations have started migrating their security tools to the cloud. Basically, this means that the products they purchase from security vendors are deployed and managed in the cloud as opposed to deploying and managing them on-premises.
Moving your security tools to the cloud offers certain benefits, such as better threat monitoring and lower maintenance. However, there are concerns among customers trusting their security to an online venue, as described in a report released Wednesday by Exabeam.
SEE: Top cloud providers in 2020: AWS, Microsoft Azure, and Google Cloud, hybrid, SaaS players (TechRepublic Premium)
Based on a survey of 130 security practitioners, Exabeam's report found that 52% of the respondents started moving to cloud-based security products during or before 2018. Some 18% waited until 2019, 3% began in 2020, 13% haven't yet started, and the rest don't know when they'll migrate. Among those that have kicked off their migrations, more than half have moved at least one quarter of their security tools to the cloud, while about one third have moved more than half of their security tools.
Organizations migrate their security to the cloud for certain benefits. The move can reduce the resources and overhead involved in owning and managing on-premises hardware and software. Security staffers are spared from having to update, upgrade, and maintain on-premises products. The survey results revealed more specific advantages.
Asked why they've been moving to cloud-based security, 29% of the respondents cited improvements in the monitoring and tracking of attacks, while 22% pointed to reduced maintenance. Other reasons included reductions in capital expenditures and access to the latest features.
But organizations also have specific fears about switching their security tools to cloud-based variants. Asked about their concerns, 30% of the respondents pointed to the privacy of their data, 16% to unauthorized access, 14% to server outages, 14% to integration with other security tools, and 13% to the sovereignty of their data.
Further, some 32% said they thought it would be too hard or too risky to migrate their security tools to the cloud. Another 32% said they didn't know what concerns their organization had about this type of migration.
SEE: How to protect your organization and remote workers against ransomware (TechRepublic)
Among the organizations that have moved to cloud-based security tools, 22% cited email as the most widely protected type of data, 21% customer information, 20% file sharing, and 18% personnel files. Only 12% of the respondents said they're using cloud-based security to protect corporate financial data.
"As organizations modernize their security operations, SaaS (Software as a Service) [is] increasingly becoming the deployment model of choice," Sam Humphries, security strategist for Exabeam, said in a press release. "While the results of this survey show that some security professionals still have concerns, having visibility into cloud services is vital, and many organizations are now taking a cloud-first approach to security. Added benefits include reduced cost and maintenance issues, as well as eliminating the need to route cloud data to on-premises data centers."
For its report, Exabeam surveyed 130 security practitioners at the Cloud and Security Expo in London on March 11-12, 2020.