Cloud Security Still a Concern for Public Sector
January 2017 by Netwrix CLEMENT OLIN
Netwrix Corporation, the first vendor to introduce a visibility and governance platform for hybrid cloud security, extracted data about public sector services from its latest Cloud Security Survey and released an infographic that reveals key cloud security concerns of central and local government CIOs.
In the last few years more and more public services have reduced the number of applications (such as email) hosted in government-owned data centres in favour of cloud-based applications.
However, cloud adoption can be challenging. Hackers are constantly improving their techniques to compromise public sector cloud environments.
This problem has been highlighted in the U.S. where data breaches have been recorded at several federal and local government agencies, including the Office of Personnel Management (OPM), the National Security Agency (NSA) and the U.S. Navy.
Among the top cloud security survey findings for the public sector are:
• Public services are sceptical of cloud migration because of security. 87% of public sector services are not ready to move their data to the cloud because of security issues. The major barriers that keep them from cloud adoption are concerns about unauthorised access and account hijacking (80%), the risk of losing control over data (60%), and issues associated with data backup and recovery (53%).
• Insider misuse is the biggest concern. 40% of respondents believe they would not be able to enforce the required security policies on a cloud provider’s site. Even more organizations (80%) are worried about the activity of their own users in the cloud, holding that employees pose a bigger threat to data integrity than anyone else.
• Government departments appreciate cloud flexibility and cost-efficiency. Despite the documented concerns, 50% of respondents said that the cloud has improved the security of their systems and data. The key benefits that government departments have realized through cloud adoption are higher availability of systems (70%), flexibility in resource utilization (50%) and cost savings (40%).
• Visibility is the key to security. Regardless of the security mechanisms in place, IT systems are always vulnerable to malicious activities by insiders or external hackers. No wonder that 93% of public sector CIOs agreed that visibility into user activity in the cloud is a basic component of security and business integrity.