While a few years ago “cloud” was a bit of a buzz word, cloud adoption has since become mainstream. These days, most organisations – ranging from large to small – use it to a certain extent.
Yet still misconceptions remain about the technology. In particular, on how best to secure it.
We wanted to lift the lid on these misconceptions, so in February 2018 we conducted some global research. As part of this, we asked 164 respondents in EMEA about their experiences and attitudes when it comes to security in the cloud. Here are some of the standout findings:
People still believe on premises security is better than cloud
Over half (57%) report their on-premises security as superior to cloud.
However, using security tools specifically designed for the public cloud can actually make a business more secure than they were when they operated purely on-premises.
What was promising was that the shared security model was largely well known by respondents, with 71% expecting cloud security to be a responsibility that’s shared with cloud vendors. Just 19% think cloud vendors are solely responsible.
The cloud is redefining the role of the firewall
An overwhelming 82% have concerns about deploying firewalls in the cloud, with 41% naming ‘pricing and licensing not appropriate for the cloud,’ and 39% citing ‘no centralised management creating a significant overhead’ as their top two concerns. Other concerns included next generation firewalls simply not being practical for cloud environments and the lack of integration with native security tools from cloud vendors.
Interestingly, organisations seem to find value in cloud-specific security features, with 95% saying cloud-specific firewall capabilities would help them. 71% cite the most beneficial quality as ‘integration with cloud management, monitoring, and automation capabilities,’ and 59% cite being ‘easy to deploy and configure by cloud developers’ as the second most beneficial capability.The EMEA region falls behind others in adopting #DevOps, #DevSecOps, or #CI/CD (continuous integration and continuous deployment) methodologies in the public cloud. Click To Tweet
Traditional security remains a bottleneck for DevOps
Just over half (58%) of respondents have adopted DevOps, DevSecOps, or CI/CD (continuous integration and continuous deployment) methodologies. This was slightly higher in EMEA than the US (53%), with APAC storming ahead with 63%.
Of the organisations that have adopted, 95% have faced challenges integrating security into those practices. The top challenge reported was ‘limitations with existing security solutions’. Security processes not being changed was also voted as a high scorer.
So what does it all mean?
We’re continuing to see questions and concerns around how organisations should be approaching security along with their cloud deployments, especially from larger companies. There still seems to be a lack of understanding in cloud security, and a misplaced belief that on-premises security is a lot stronger.
One thing is for sure: as the move to cloud only increases in pace, for organisations that are used to operating under traditional data centre architecture, moving to the cloud will require a new way of thinking when they approach security.
Chris Hill, RVP Public Cloud and Strategic Partners International
Chris Hill joined Barracuda in 2016 and, since then, has successfully developed the Public Cloud Business across the EMEA region. His main focus is securing Barracuda customers’ journey to Azure, AWS and GCP, with market leading, cloud generation technology. As a result he has been a pivotal member of a global effort to achieve more than 200 net new public cloud customer deployments per quarter.
With more than 30 years’ experience in technical, sales and leadership roles Chris has a successful track record for developing strategic partnerships that align sales models and business development with global OEM and channel organisations.
Previously: SanDisk, Emulex, McDATA, Amdahl, Enterprise Computer Services