Businesses in the dark over shared cloud security risks, warns Centrify study

Global research from Centrify, the leading cyber security company, has discovered that the majority of businesses misunderstand the shared responsibility model for cloud security and incorrectly believe the cloud provider is responsible for securing privileged access

by Patrick Sullivan, Political Editor on 12 November 2019 20:21

Adobestock_196731274-1013x440

Centrify, a leading provider of cloud-ready Zero Trust Privilege to secure modern enterprises, today published a new report, “Reducing Risk in Cloud Migrations: Controlling Privileged Access to Hybrid and Multi-Cloud Environments.”

The report, based on a global survey of over 700 respondents from the UK, United States, and Canada, finds that 60 per cent of respondents misunderstand the shared responsibility model for cloud security and incorrectly believe the cloud provider is responsible for securing privileged access.

Furthermore, organisations are not employing a common security model or enforcing least privilege access to reduce risk, and the majority list security as their main challenge with cloud migrations. The cloud’s availability, accessibility, scalability, and speed of delivery make it an attractive option to deliver IT services more efficiently and affordably. However, securing multi-cloud and hybrid environments creates an unfamiliar situation, in which organisations are unsure of who is responsible for controlling privileged access. As a result, many organisations secure cloud and hybrid environments differently than they do on-premises, when a common security model is best practice.

The survey found that 68 per cent of organisations are not implementing Privileged Access Management (PAM) best practices to control access to cloud environments - 60 per cent of respondents view security as the leading challenge when it comes to cloud migration projects - 76 per cent are using more than one identity directory in their cloud strategy, which puts them at risk of “identity sprawl” and unsecured cloud attack surfaces

“As the enterprise threatscape expands, organisations are faced with new challenges to secure modern attack surfaces, and this report makes it clear that the cloud is no exception,” said Tim Steinkopf, CEO of Centrify.

“We know that 80 per cent of data breaches involve privileged access abuse, so it’s critical that organisations understand what they are responsible for when it comes to cloud security, and take a least privilege approach to controlling privileged access to cloud environments. Too much access and privilege puts their workloads and data at risk,” he added.

 

Comments
blog comments powered by Disqus