SafeNet polls over 100 ANZ IT Leaders on cloud security concerns.
60% of organisations are using cloud services but these are mostly SaaS, not IaaS or PaaS.
The top three concerns for data protection in the cloud are data isolation (63%), the use of strong authentication (61%) and data encryption (59%).
52% of participants want physical ownership of their own encryption keys.
Sydney, Australia – 14 December 2012 – SafeNet, a global leader in information security, announced that less than 20% of organisations polled in Australia and New Zealand are currently using Infrastructure-as-a-Service or Platform-as-a-Service cloud technologies but more would do so if their information was protected. While 60% of 123 senior IT professionals surveyed said their organisations are using some sort of cloud service, these were mostly Software-as-a-Service applications, with only 13% of organisations using IaaS and 6% of organisations using PaaS services.
Among concerns about data protection in the cloud, most important to organisations is the need to isolate their own data when using a cloud provider (chosen by 63% of respondents), the ability to secure access with the use of strong authentication (61% of respondents), encryption of high-value data itself (59%) and physical ownership of their own keys (52%).
According to Gartner Research (Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 3Q12 Update, published on 24 September 2012), Australia's public cloud market will reach US$2.63 billion this year, and has a compound annual growth rate (CAGR) of 20.9 percent for the 5 year period through 2016. Worldwide spending in public cloud services is on the up, with an expected CAGR of 17.9 percent from 2011 to 2016.
As more information moves to private or public clouds, the number of users with access to an organisation’s data multiplies and risks associated with data leakage increases. Despite business drivers such as reduced costs and maintenance, and the ability to access business systems anywhere from any device, security for data in the cloud and virtual environments is a major concern for organisations. More than half of the respondents want to ensure that their information is protected and wish to maintain control over their own encryption keys. To address the data security issues and deliver control and governance of data in the cloud, SafeNet offers solutions that allow encryption of the data and secure access and control. With ProtectV and KeySecure, organisations achieve the same control and security level in their virtual environment as they had in their physical datacentre.
According to the survey, 84% of organisations are using password and user ID for user access control while 51% use strong authentication. Strong authentication is vital to maintaining access and control over information in the cloud. SafeNet recommends that organisations ensure that the correct user has authorisation to access information using multi-factor authentication as user name/password technologies do not provide enough security. SafeNet Authentication Service, for example, offers a fully automated, customisable cloud platform that can substantially reduce authentication-related operational costs through the elimination of manual tasks associated with provisioning, administration, billing and management of users and tokens. Service providers can manage their customers from a multi-tier, multi-tenant platform that is vendor-agnostic and will work with an organisation’s existing token technology, enabling a quick migration to a centralised cloud environment with minimal disruption to end-users.
“There is a vast need in Australia and New Zealand to move to cloud and virtualisation as they offer tremendous business benefits for organisations. However businesses and government entities must approach security differently than in the past. There are currently more threats due to the large amounts of data and access and control. SafeNet’s survey shows that organisations are thinking intelligently about their security. They want strong authentication, encryption and ownership of their own keys. SafeNet offers security solutions such as ProtectV and KeySecure that enable control, compliance and governance of critical data.”
– Vince Lee, Regional Director, Australia and New Zealand, SafeNet Inc.
Additional Survey Information
65% of respondents are from organisations with more than 1000 employees
19% of respondents are from government organisations
9% of respondents are from New Zealand
65% of respondents say access to business systems from anywhere, anytime, any device is driving their organisation to migrate applications to the cloud
51% of respondents need to use encryption technologies for compliance mandates such as PCI DSS
StorageSecure overview: http://www.safenet-inc.com/data-protection/storage-security/storage-secure/
KeySecure overview: http://www.safenet-inc.com/data-protection/key-management/key-secure/
ProtectV overview: http://www.safenet-inc.com/Products/cloud/SafeNet_Cloud_Security/
Follow SafeNet on Twitter, Facebook, YouTube and LinkedIn
Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organisations around the globe. SafeNet’s data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the datacentre to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance and secure virtual and cloud environments.
Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint
Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.
Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation
CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)
Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana