Cloud Security Concerns and the Perceived Effectiveness of ... · • Four in ten respondents (45%)...

An IDG Enterprise Brand

Presented by: IDG Research Company: CloudPassage June 2015

Cloud Security Concerns and the Perceived Effectiveness of Traditional Security Solutions in a Cloud Environment

2 An IDG Enterprise Brand

Sample Method

Survey Goals

Field Work This survey was fielded from June 2, 2015 to June 12, 2015

Total Respondents 100 qualified completes

Collection Online Questionnaire

Number of Questions

10 (excluding screeners and demographics)

Audience To complete this survey, respondents were required to hold a title of IT Director or above at a company with 1,000 or more employees. Respondents were also required to have involvement with or knowledge of their organization’s security as well as cloud initiatives and needs.

METHODOLOGY & RESEARCH OBJECTIVES

The purpose of this survey is better understand cloud security concerns, particularly those related to customer data residing in the public cloud. We seek to understand perceptions of traditional security solutions as far as their effectiveness in a cloud environment. The survey also explores cloud deployment plans and adoption drivers.

Total Respondents Organization Size

10,000+ employees 56%

1,000 – 9,999 employees 44%

Top Represented Industries

Manufacturing, Production, Distribution

Healthcare, Medical (hospitals, medical providers)

Computer related products or services

Financial services (banking, accounting, tax, etc.)

Retail, Wholesale

Insurance

Business services, Consulting

Education

RESPONDENT PROFILE

CIO/CTO

CSO/CISO

Chief Architect

Executive VP/Senior VP/VP of IT or IT Security

Executive Director/Managing Director/Director of IT or IT Security

Job Title Breakdown

S3. How would you describe your involvement with or knowledge of your organization’s security initiatives and needs? S4. How would you describe your involvement with or knowledge of your organization’s cloud initiatives and needs? Base: 100 qualified respondents

RESPONDENT PROFILE (cont.)

Involvement with or knowledge of your organization’s security initiatives and needs

Significant Moderate

Involvement with or knowledge of your organization’s cloud initiatives and needs

KEY FINDINGS •  Respondents expect that IT services will increasingly be deployed in the cloud over the next 18 months

(from 43% of IT services, on average, to 58%), with the most growth anticipated in public cloud deployments (from 12% to 20%). Agility and cost efficiency are the top drivers for cloud adoption at respondents’ organizations.

•  Four in ten respondents (45%) report that the transition to cloud computing has made maintaining visibility into security and vulnerability more difficult. In fact, security concerns (cited by 66%) top the list of barriers impeding or stalling cloud infrastructure deployments. More than one third (37%) are concerned about the ability to meet compliance requirements.

•  Respondents anticipate that 50% of customer data will reside in the cloud 18 months from now (nearly 20% in a public cloud).

•  Half of all respondents (50%) are very concerned about the security of customer data residing in the public cloud, while another third (34%) are at least somewhat concerned. There are several factors contributing to concerns about the security of customer data that resides in the public cloud. Data ownership, location of data, and shared technology/multi-tenancy are cited by more than half of the respondents.

•  The majority (80%) agree to some extent that conventional network (perimeter) security solutions don’t work well in cloud environments, and three-quarters (76%) agree their organizations lack visibility into attacks when applying traditional security in cloud infrastructure environments.

•  Microsoft Azure is the cloud IaaS solution most often running in production today, followed by VMware vCloud Air and AWS. These are also the solutions that respondents’ organizations are most often testing and investigating.

SURVEY RESULTS

Agility and cost efficiency are the top drivers for cloud adoption at respondents’ organizations.

Top Drivers for Adopting Cloud Infrastructure

Improved agility/scalability

Cost efficiencies

Reduced IT overhead

Faster time-to-market/speed of deployment

Improved application performance

Better data protection/security

Other (please specify)

Q1. What are your organization’s top drivers for adopting cloud infrastructure (public, private, hybrid)? (Please select all that apply) Base: 100 qualified respondents

57% 22%

Respondents expect that IT services will increasingly be deployed in the cloud over the next 18 months, with the most growth anticipated in

public cloud deployments.

Percentage of your organization’s total IT services are delivered via the following:

Q2. With the total equal to 100%, please indicate what percentage of your organization’s total IT services are delivered via traditional, private, public, and hybrid cloud, both currently and 18 months from now. Base: 100 qualified respondents

Traditional on premise (non-cloud)

Private cloud

Public cloud

Hybrid cloud

Percent (%) today

Private cloud

Public cloud

Hybrid cloud

Percent (%) in 18 months

Security concerns top the list of barriers impeding or stalling cloud infrastructure deployments. More than one third (37%) are concerned

about the ability to meet compliance requirements.

Barriers impeding cloud infrastructure deployments

Security concerns

Reconfiguring systems/applications to be cloud-ready

Lack of confidence in ability to meet compliance requirements

Lack of in-house technical expertise

Performance concerns

Lack of executive buy-in

Current cloud management tools do not support on-premises architecture

None, we have no concerns

Q5. What are the barriers or challenges impeding or stalling cloud infrastructure deployments? (Please select all that apply) Base: 100 qualified respondents

Four in ten (45%) report that the transition to cloud computing has made maintaining visibility into security and vulnerability more difficult.

36% 33%

Extremely difficult More difficult About the same Easier Much Easier

Q3. Please complete the following sentence: The transition to cloud computing has made maintaining visibility into our security and vulnerability posture: Base: 95 respondents report some percentage of IT services are delivered via private, public, or hybrid cloud today

The transition to cloud computing has made maintaining visibility into our security and vulnerability posture:

Respondents anticipate that 50% of customer data will reside in the cloud 18 months from now (nearly 20% in a public cloud).

Percentage of your organization’s customer data currently that resides on premise versus in the cloud

Q4. With the total equal to 100%, please indicate what percentage of your organization’s customer data currently resides in the following environments: Base:100 qualified respondents

Private cloud

Public cloud

Percent (%) today

50% 31%

Private cloud

Public cloud

Percent (%) in 18 months

Half of all respondents (50%) are very concerned about the security of customer data residing in the public cloud, while another third (34%)

are at least somewhat concerned.

Somewhat Concerned

Minimally concerned

Q6. How concerned are you, or would you be, with the security of your customer data residing in the public cloud? Base: 100 qualified respondents

Concern with security of customer data residing in the public cloud

Not at all concerned

Very concerned

There are several factors contributing to concerns about the security of customer data that resides in the public cloud. Data ownership, location of data, and shared technology/multi-tenancy are cited by more than half of

the respondents.

Factors driving security concerns regarding customer data residing in the public cloud

Data ownership

Location of data

Shared technology/multi-tenancy

Virtual exploits

Lack of strong access controls

Insecure interfaces and APIs

Shadow IT (i.e., individual business units deploying unsanctioned cloud workloads)

Distributed denial of service (DDoS) attack affecting performance/uptime

Q7. What are driving your security concerns with regards to customer data residing in the public cloud? (Please select all that apply) Base: 100 respondents are very or somewhat concerned

Respondents estimate that it takes about 5 months, on average to procure and deploy a new security solution.

23% 20%

15% 13% 12% 5%

Less than 1 week

1 – 4 weeks

1 – 2 months

3 – 4 months

5 – 6 months

7 – 9 months

10 – 12 months

More than 1 year

Q9. Roughly how long does it generally take your organization to procure and deploy a new security solution? Base: 100 respondents report some percentage of IT services are delivered via private, public, or hybrid cloud today

Length of time to procure and deploy a new security solution

5 months on average

Conventional network (perimeter) security solutions don’t work well in cloud environments

Our security teams experience tool fatigue (i.e., number of tools is adding to complexity)

We lack visibility into attacks

We have difficulty gaining or maintaining compliance with regulations (e.g. PCI, HIPAA, etc.)

Solutions take too long to procure and deploy

We have too many point solutions

Our solutions do not provide hardening and protection for each virtual server or workload

Our solutions are difficult to scale

Strongly agree Agree Somewhat agree Somewhat disagree Strongly disagree

80% agree to some extent that conventional network (perimeter) security solutions don’t work well in cloud environments, and three-quarters (76%)

agree their organizations lack visibility into attacks when applying traditional security in cloud infrastructure environments.

% Agree

Q8. Please rate your agreement with the following statements: When it comes to applying traditional (non-cloud) security in cloud infrastructure environments: Base: 95 respondents report some percentage of IT services are delivered via private, public, or hybrid cloud today

When it comes to applying traditional (non-cloud) security in cloud infrastructure environments:

Microsoft Azure

VMware vCloud Air (formerly VMware vCloud Hybrid Service)

Amazon Web Services (AWS)

IBM Cloud

Google App Engine

Running in production environment

Experimenting in test and development

Exploring, researching, and investigating solutions

No immediate plans to use

Microsoft Azure is the cloud IaaS solution most often running in production today, followed by VMware vCloud Air and AWS. These are also the

solutions that respondents’ organizations are most often testing and investigating.

Q10. Which of the following best describes your organization’s usage of the following cloud IaaS vendors? Base: 95 respondents report some percentage of IT services are delivered via private, public, or hybrid cloud today

Organization’s usage of IaaS vendors

RESPONDENT PROFILE

Number of Employees Company Industry

100,000 or more

50,000 - 99,999

30,000 - 49,999

20,000 - 29,999

10,000 - 19,999

5,000 - 9,999

2,500 - 4,999

1,000 - 2,499

20% 12% 11% 11% 10%

7% 6% 6%

4% 3% 2% 1% 1% 1% 1% 1% 2%

Manufacturing, Production, Distribution

Healthcare, Medical (hospitals, medical providers)

Computer related products or services

Financial services (banking, accounting, tax, etc.)

Retail, Wholesale

Insurance

Business services, Consulting

Education

Transportation

Government (State or Local)

Personal services

Architecture, Building, Construction, Engineering

Arts, Recreation

Biotech, Pharmaceuticals

Media, Entertainment

Telecommunications products and services

S1. Approximately how many people are employed in your entire organization or enterprise? (Please include all plants, divisions, branches, parents and subsidiaries worldwide) D2. Which of the following best describes your organization's industry or function? Base: 100 qualified respondents

Cloud Security Concerns and the Perceived Effectiveness of ... · • Four in ten respondents (45%)...

Documents

A Practical Guide to Cloud Onboarding - Interxion · 2020-01-21 · scale than enterprise applications. ... onboarding, even for workloads perceived as ‘cloud-friendly’. It's

CLOUD COMPUTING FOR FINANCIAL EXECUTIVES - … studies/2012-2013/Cloud... · Perceived barriers to adoption / 8 Cloud users and those ... their computing resources and reach a usage

Digital Literacy v5 - Dosdoce.com · digital literacy is being perceived by and impacting the field. The results are interspersed throughout this publication. Survey respondents overwhelmingly

Public perceptions of crime – survey report · Page 5 Perceived reliability of different sources of information about crime Most respondents believe that key sources of information

1 Developing User Perceived Value Based Pricing Models for ......1 Developing User Perceived Value Based Pricing Models for Cloud Markets Peijin Cong, Liying Li, Junlong Zhou, Kun

Cloud Computing Advantages in the Public Sector · cloud implementation by summarizing the chief advantages and business drivers. Case study snapshots ... percent of respondents to

Perceived Security and Privacy of Cloud Computing ...Cloud computing is an emerging new computing environment for delivering computing services which can be categorized regarding its

MOVING TO CLOUD - Telstra · cloud computing. According to the recent IDC Asia Pacific Cloud Computing Survey 20113, 35.3 per cent of Australian respondents considered cloud to be

Communicating as a CSO€¦ · 3/8/2012 · Data Center 93% Mobile 72% of respondents are concerned about cloud security. of respondents say that security/risk management is at least

PERCEIVED QUALITY OF LIFE AND SOCIAL SUPPORT RECEIVED …80.240.30.238/bitstream/123456789/644/1/AWOBIYI... · Respondents‘ mean age was 70.7±5.6years, 53.3% were females and 83.5%

PERCEIVED TRUSTWORTHINESS, PERCEIVED PERCEIVED EASE …kc.umn.ac.id/6461/1/Sabrina Iryanti_14130110023_Bisnis... · 2019. 4. 16. · ANALISIS PENGARUH. PERCEIVED. EXPERTISE, PERCEIVED

An Analysis of Factors Affecting the Intention to Use ...globalbizresearch.org/Vietnam_Conference/pdf/V574.pdfease of use and perceived usefulness. All respondents showed that they

DC-AAPOR & Washington Statistical Society 2018 Summer ... · Aleia Fobia, U.S. Census Bureau Evaluating Perceived Burden of Household Survey Respondents – Daniel Yang, Bureau of

Customer post-purchase perceived service satisfaction for ... · female respondents give more importance to warrantees provided by the dealer and they are more satisfied with the

1 By: Bob Jackson, MIC Seattle CWSU Cloud Heights and Sky Cover Observed And Perceived

A general introduction to the design of questionnaires for ...users.sussex.ac.uk/~grahamh/RM1web/Burgess_2001... · questionnaires perceived as long will deter respondents. Using

All industry Multi-Cloud 1000 - Aryaka€¦ · Multi-Cloud Network & IT practitioners 1000 Understand their WAN challenges, priorities & plans for 2020 and beyond. Global Respondents

infographic Consilio v7€¦ · risks of cloud-based applications. 64% 26% cited “regulatory compliance failures” as one of their top two greatest perceived risks of cloud-based

*Observation = “Evidence”businessstatistics.us/data-analysis-sample.pdfcryonics and found that most respondents perceived it was far too expensive. Twenty years later, my GHC study

PENGARUH PERCEIVED RISK, TRUST, PERCEIVED USEFULNESS, …repository.wima.ac.id/10870/1/ABSTRAK.pdf · pengaruh perceived risk, trust, perceived usefulness, dan perceived ease of use