A new report on cloud security within the enterprise is arguing that modern organisations are failing to understand the shared responsibility model for cloud security.
Centrify's latest report found many companies are under the (wrong) impression that the cloud provider is responsible for securing privileged access, the report adds, also saying that very few are employing a common security model, or enforcing least privilege access to reduce risk.
At the same time, security is one of the main cloud migration challenges.
The report says that most organisations see cloud availability, accessibility, scalability and speed of delivery, as the biggest advantages, making them eager to adopt the rising technology. At the same time, securing multi-cloud and hybrid environments isn’t exactly familiar territory, and organisations are left unsure of who’s responsible for controlling privileged access.
It added that more than two thirds of organisations aren’t implementing Privileged Access Management (PAM) best practices, to control access to the cloud.
“As the enterprise threatscape expands, organisations are faced with new challenges to secure modern attack surfaces, and this report makes it clear that the cloud is no exception,” said Tim Steinkopf, CEO of Centrify.
“We know that 80 per cent of data breaches involve privileged access abuse, so it’s critical that organisations understand what they are responsible for when it comes to cloud security, and take a least privilege approach to controlling privileged access to cloud environments. Too much access and privilege puts their workloads and data at risk.