Thales Blog

Current Forecast: Cloudy With A Chance Of Exposed Data

April 23, 2018

Thales Thales | Cloud Protection & Licensing Solutions More About This Author >

By Peter Galvin, Chief Strategy & Marketing Officer, Thales

Today, organizations are rapidly adopting cloud technology. Many organizations have implemented a cloud first philosophy, requiring that any new applications or IT investments start with the cloud. And not just one cloud, but organizations are investing in multiple clouds and SaaS applications. The numbers are truly revolutionary.

According to Data Threat Report for 2018, the majority of businesses don’t just operate in one cloud environment in a single location, but multiple. This typically entails working with a number of different vendors, depending on workloads to source the right technical applications, platforms and infrastructures for their respective business needs.

The business community is truly embracing the cloud as the survey results indicate: The scale of cloud deployment across the business community is outlined in our indicated by the following statistics in our report:

  • More than half (57 percent) rely on two or three Platform as a Service (PaaS) vendors
  • 42 percent are using 50 or more Software as a Service (Saas) applications
  • 94 percent of respondents are using sensitive data in cloud, big data, IoT or mobile environments

But with widespread enterprise adoption of cloud technologies, come very real data security risks. Though these technologies unquestionably deliver tangible business benefits, they also increase attack surfaces and open up fresh conduits for data loss. For example, 62 percent of respondents in our report cite a lack of control over the location of data stored in the cloud as a top security concern.

These issues with cloud security are now hitting the news headlines on an increasingly regular basis. Most recently, Amazon and Tesla – two of the biggest players in the tech industry –have made waves for their cloud insecurities. Interestingly, in both of these cases the initial breach was the result of a ‘good actor’, highlighting vulnerabilities in the respective cloud environments of each organisation. While the data wasn’t actually the primary catalyst for either breach, the ease with which it could be exposed was demonstrated all too easily.

Enterprises also frequently run into trouble because they deploy many disparate security solutions to protect cloud technologies, over-simplify basic security protocols like using the same password for everything or don’t take the notion that security can be a shared responsibility seriously enough. While cloud providers increasingly offer security features, organisations themselves must remember that they – and they alone – are responsible for protecting their data.

Businesses shouldn’t be afraid to adopt emerging technologies that accelerate growth and digital transformation. However, they also need to understand how to mitigate the vulnerabilities induced by heightened risk vectors. Fortunately, there are options for managing multiple cloud environments simply and securely. Amongst these, we believe the most effective is the deployment of encryption with key management technology.

If data is encrypted, it simply cannot be exploited unless the appropriate key is used to decrypt it. However, when it is being transferred to the cloud, many organisations face the same set of challenges around protection, storage and control of their encryption keys. The best practice in this instance would be to separate these keys from their respective data, and, as organisations transition to the cloud, retain control of the keys (instead of relinquishing them to the cloud provider).

At Thales we offer multi-cloud advanced encryption and multi-cloud key management solutions to help enterprises protect and maintain full control of their data, regardless of whether their multi-cloud strategy is public, private or hybrid.

To learn more, please visit our dedicated cloud security landing page. In the meantime, you can find me on Twitter at @pgalvin63.