Securing cloud-based apps key to data protection

30 juillet 2012

As many studies have shown, data loss somewhere along the line is highly probable. One study from the Ponemon Institute found that 97 percent of organizations suffered data leaks and losses in the past 12 months. With cloud-based applications popping up for many types of services, securing the "edges" of the cloud is an important step in security for most organizations.

More applications means more employees and contractors with access to information in various locations, leaving cloud computing data security as the last line of defense. When many Software-as-a-Service (SaaS) options, this becomes tougher for companies to tolerate, as they must turn over some of the security controls to the application vendor, according to InfoSecurity Magazine. Although organizations can beef up security on some levels, the limitations that come with using SaaS solutions can sometimes leave the IT security feeling helpless.

Mobile Access
In today's business world, cloud often means mobile, and that has many organizations concerned. Seventy percent of respondents to the Ponemon study claimed that documents accessed from mobile devices with data capabilities presented a significant risk to data and cloud security.

Despite this high level of concern, 59 percent claim that controls are ineffective at monitoring insider access, and 63 percent feel they are inefficient when it comes to assigning access privileges. In many instances, those who did not need access to confidential information for their job still retained those permissions.

"While users today expect on-demand access to all personal and company documents from any device, at any time, this study confirms that IT professionals are struggling to deliver on that expectation securely," chief product officer at file-transfer company WatchDox, Ryan Kalember, said.

Security war
Part of the issue comes down to getting more value from beefing up security than convenience lost with the sacrifices it requires. When it comes to securing documents that can ensure data security in the cloud, IT struggles more than they do with traditional security efforts. According to the Ponemon Study, 70 percent of those surveyed claimed that controlling sensitive documents is more of a challenge than doing the same for records stored in a traditional database.

"You are constantly battling the issue of convenience," Ponemon Institute chairman Larry Ponemon told Information Management. "What we've seen over the last 20 years is a move to empowering the end user through things like cloud computing. … Security has a voice, but there's a bigger voice called productivity and profitability."

-McAfee Cloud Security