Businesses are adopting hybrid cloud-based solutions faster than the security staff can secure them properly, and that is reason for worry.
A new report by FireMon found 60 per cent of organisations are moving too fast for their own good, and in some instances, security staff aren't even being consulted when cloud solutions are being bought and / or installed.
According to the report, roughly half of organisations (56 per cent) employ their network security and compliance teams to work on cloud security.
In the other half, IT and cloud teams, app owners or ‘other teams outside the security organisation’ are responsible for cloud security.
“The results of our survey are compelling, but not surprising. In large, complex enterprise environments, budget constraints, lack of clarity around which team is responsible for cloud security, and the absence of standards for managing security across hybrid cloud environments are impairing organizations’ ability to secure their cloud business initiatives,” said FireMon Vice President of Technology Alliances Tim Woods.
“This problem will only be solved with a new generation of security technologies and processes that fully integrate with DevOps and provide end-to-end visibility and continuous security and compliance across hybrid environments.”
He’s mentioning DevOps because of the spotted similarities. The relationship between security and DevOps is ‘inconsistent’, the report states, and that can impact the consistency of cloud security controls.
Almost four in ten (39 per cent) of respondents said they’re using IaaS, PaaS and SaaS models concurrently, and 30 per cent said they are part of the DevOps team. Another 30 per cent said their relationship with DevOps is either complicated, contentious or ‘non-existent’.
Image source: Shutterstock/Nattapol Sritongcom