Story image

Migration away from on-prem data centres stalled by security

07 Feb 2019

Despite the surging cloud adoption that is rife around the world, a new study from SecurityFirst and the Ponemon Institute has revealed there’s still a lack of understanding around security.

The study delves into perceptions surrounding on-premises and cloud-based data storage technologies from 483 information technology and (IT) and IT security professionals familiar with the benefits of object storage technology.

And according to the survey, 65 percent of IT professionals would like to store object data in the cloud, but nearly half (47 percent) either don't believe or are not sure if data in the cloud is as secure as in their own data centre.

The primary reasons stated for wanting to move data into a cloud-based object storage environment included to reduce storage costs, to avoid new data centre investments, and to achieve better resiliency or disaster recovery - only 12 percent put increasing security as their primary reason.

"There is a prominent security gap delaying the mass migration of data to the cloud."We see an overwhelming desire among organisations to move to the cloud and leverage the cost/value of object storage,” says SecurityFirst president and CEO Jim Varner.

“However, they often take an outsourced approach to cloud security instead of a unified, comprehensive approach, including integration with their existing security infrastructure and careful control of security keys. Object data has the same security and privacy requirements as any other data and a structured, controlled approach needs to be taken seriously."

There were a number of other key findings from the report, which included:

  • While 79 percent of respondents are not currently using object storage, 38 percent are piloting or assessing object storage which indicates that migration of data to the cloud is continuing

  • A significant percentage are moving personal data into object storage, with 55 percent moving customer profile data, 37 percent employee records, and 26 percent protect health records

  • 51 percent prefer cloud data to be distributed across multiple suppliers, with 28 percent choosing to do so for security purposes and the remaining 23 percent to avoid vendor lock-in

"While IT professionals across many verticals are increasingly putting personal data into object storage, they are aware that they are risking the security of the data, in an environment in which regulatory oversight of data risk is increasing" says Ponemon Institute chairman and founder Dr. Larry Pomemon.

"These survey results confirm InfoSecurity Professionals' concerns about object storage, migration to the cloud, and resulting security risks".

The report also looked into how perceptions differed by industry. Out of all the various industries surveyed (including Healthcare, Services, Public Sector, Industrial, and Retail), the Financial Services were the most notable:

  • 64 percent of respondents in the financial services sector are more likely to store customer profile data in object storage compared to 55 percent across all industries

  • 35 percent of financial services respondents have all object storage in a cloud environment, compared to 29 percent for all industries

  • 27 percent of financial services respondents are already using object storage, while only 21 percent of respondents are across all industries

These findings suggest a more aggressive adoption of new technology, specifically object storage in a cloud environment, in the financial services sector.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
65% of manufacturers run outdated operating systems – Trend Micro
The report highlights the unique triple threat facing manufacturing, including the risks associated with IT, OT and IP.