The State of Cloud Security 2016, published by the Cloud Security Association Global Enterprise Advisory Board, is a short, but interesting document, focused on articulating the gaps in current cloud security practices to help cloud providers better understand the needs of their customers.
Cloud computing is an incredible innovation. While at its heart a simple concept, the packaging of compute resources as an on demand service is having a fundamental impact on information technology with far reaching consequences. Cloud is disrupting most industries in a rapid fashion and is becoming the back end for all other forms of computing, such as mobile, Internet of Things and future technologies not yet conceived. As governments, businesses and consumers move to adopt cloud computing en masse, the stakes could not be higher to gain assurance that cloud is a safe, secure, transparent, and trusted platform.
With the stakes rising in cloud adoption, cloud providers need to step up with better built-in security:
Cloud computing adoption is solid and increasing. Security and compliance can be adoption barriers. Now is the time to increase the pressure on cloud providers to build security in, not try to bolt it on as an afterthought.
Cloud computing demands new approaches to security:
We need to take a hard look at many of our existing security practices and retire them in favor of new “cloud inspired” approaches that offer higher levels of security.
Finally, solving these tough problems will require cooperative effort between cloud providers and their customers:
Both enterprises and cloud providers need to work together to better align their security programs, architectures and communications.
Let’s work together to conquer these tough challenges.