HyTrust government cloud adoption survey

Similar documents
Why Enterprises Need to Optimize Their Data Centers

State of Cloud Survey GERMANY FINDINGS

As Enterprise Mobility Usage Escalates, So Does Security Risk

AMAZON WEB SERVICES RE:INVENT SURVEY REPORT

Best Practices in Securing a Multicloud World

TREND REPORT. Ethernet, MPLS and SD-WAN: What Decision Makers Really Think

THALES DATA THREAT REPORT

Mobilizing Your Workforce for Success

Securing Your Microsoft Azure Virtual Networks

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Securing Your Amazon Web Services Virtual Networks

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

SDN HAS ARRIVED, BUT NEEDS COMPLEMENTARY MANAGEMENT TOOLS

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

Your Data Demands More NETAPP ENABLES YOU TO LEVERAGE YOUR DATA & COMPUTE FROM ANYWHERE

Virtualization. Q&A with an industry leader. Virtualization is rapidly becoming a fact of life for agency executives,

Lenovo Data Center Group. Define a different future

THE STATE OF IT TRANSFORMATION FOR RETAIL

EY Norwegian Cloud Maturity Survey 2018

Top Priority for Hybrid IT

Enabling the Always-On Enterprise

Professional Services for Cloud Management Solutions

Perfect Balance of Public and Private Cloud

The Road to a Secure, Compliant Cloud

BACKUP TO THE FUTURE A SPICEWORKS SURVEY

De kracht van IBM cloud: hoe je bestaande workloads verhuist naar de cloud

The Data Explosion. A Guide to Oracle s Data-Management Cloud Services

Operationalize Security To Secure Your Data Perimeter

How Security Policy Orchestration Extends to Hybrid Cloud Platforms

HOW MIDSIZE ORGANIZATIONS CAN MEET COMPLIANCE REQUIREMENTS AND ENHANCE CYBERSECURITY WITH MICRO-SEGMENTATION WHITE PAPER FEBRUARY 2018

10 Cloud Myths Demystified

Enabling Innovation in the Digital Economy

Hybrid IT for SMBs. HPE addressing SMB and channel partner Hybrid IT demands ANALYST ANURAG AGRAWAL REPORT : HPE. October 2018

Design and deliver cloud-based apps and data for flexible, on-demand IT

THE STATE OF IT TRANSFORMATION FOR TELECOMMUNICATIONS

THALES DATA THREAT REPORT

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

Danish Cloud Maturity Survey 2018

Best Practices in Cloud-powered Data Protection

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals

WHITE PAPER HYBRID CLOUD: FLEXIBLE, SCALABLE, AND COST-EFFICIENT UK: US: HK:

Evolution of IT in the Finance Industry. Europe

Virtualizing Networks:

Arthritis Research UK

Kroll Ontrack VMware Forum. Survey and Report

ACCENTURE & COMMVAULT ACCENTURE CLOUD INNOVATION CENTER

Government IT Modernization and the Adoption of Hybrid Cloud

Yammer Product Manager Homework: LinkedІn Endorsements

Backup and Recovery for Smalland Medium-Sized Businesses

THE ESSENTIAL GUIDE: SELECTING A CLOUD COMMUNICATIONS PROVIDER

10 Cloud Myths Demystified

TREND REPORT. Hosted VoIP: What IT Decision-Makers Really Think

Veritas Backup Exec. Powerful, flexible and reliable data protection designed for cloud-ready organizations. Key Features and Benefits OVERVIEW

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

IBM Spectrum Protect Plus

Optimisation drives digital transformation

Three Key Considerations for Your Public Cloud Infrastructure Strategy

THE TRUTH ABOUT CLOUD SECURITY. It s More Secure Than You Think

BUSTED! 5 COMMON MYTHS OF MODERN INFRASTRUCTURE. These Common Misconceptions Could Be Holding You Back

IBM Cloud IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR Leader VMware on IBM Cloud VMworld 2017 Content: Not for publicati

SOLUTION BRIEF RSA NETWITNESS SUITE & THE CLOUD PROTECTING AGAINST THREATS IN A PERIMETER-LESS WORLD

Modernizing Government Storage for the Cloud Era

Who Better than Dell EMC to Offer Best-for-VMware Data Protection?

RightScale 2018 State of the Cloud Report DATA TO NAVIGATE YOUR MULTI-CLOUD STRATEGY

Redefining Networking with Network Virtualization

THE MORE THINGS CHANGE THE MORE THEY STAY THE SAME FOR BACKUP!

Traditional Security Solutions Have Reached Their Limit

CLOUD COMPUTING ARTICLE. Submitted by: M. Rehan Asghar BSSE Faizan Ali Khan BSSE Ahmed Sharafat BSSE

GLOBAL PKI TRENDS STUDY

CICS insights from IT professionals revealed

Survey Results: Virtual Insecurity

STATE OF STORAGE IN VIRTUALIZED ENVIRONMENTS INSIGHTS FROM THE MIDMARKET

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

COMPANY BROCHURE. About Us. Kinnectiv, LLC. Consulting. Security. Innovation. +1(888)

Modern Database Architectures Demand Modern Data Security Measures

Moving Workloads to the Public Cloud? Don t Forget About Security.

2018 Report The State of Securing Cloud Workloads

Application Networking Trends

Virtualization & On-Premise Cloud

RAIFFEISENBANK BULGARIA

2018 Mobile Security Report

IBM Resiliency Services:

2013 Cloud Computing Outlook: Private Cloud Expected to Grow at Twice the Rate of Public Cloud

THE CYBERSECURITY LITERACY CONFIDENCE GAP

270 Total Nodes. 15 Nodes Down 2018 CONTAINER ADOPTION SURVEY. Clusters Running. AWS: us-east-1a 23 nodes. AWS: us-west-1a 62 nodes

Azure Pack is one of Microsoft s most underrated tools.

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Cloud Computing: Making the Right Choice for Your Organization

YOUR APPLICATION S JOURNEY TO THE CLOUD. What s the best way to get cloud native capabilities for your existing applications?

New Zealand Government IBM Infrastructure as a Service

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Cognizant Cloud Security Solution

Network Security Protection Alternatives for the Cloud

Efficience de l IT & croissance?

Big data privacy in Australia

Annual Public Safety PSAP Survey results

GET CLOUD EMPOWERED. SEE HOW THE CLOUD CAN TRANSFORM YOUR BUSINESS.

Securing Your Cloud Introduction Presentation

Transcription:

HyTrust government cloud adoption survey Security a top concern with hesitancy to relinquish control of data White Paper

HyTrust government cloud adoption survey Security a top concern with hesitancy to relinquish control of data Introduction With the Cloud First initiative and the push to drive down data center costs in Government, cloud is becoming a component of government agencies IT strategy, yet many are wrestling with how fast and how far to go. These agencies and their IT departments are faced with many challenges and demands as they adopt and deploy cloud technologies. While business leaders find the speed and agility of the cloud to be irresistible, IT is faced with the challenge of dealing with the many implementation details required to make this cloud vision a reality. In order to get a better understanding of agencies current cloud initiatives and where they are headed with their cloud ambitions, HyTrust surveyed government attendees at VMworld 2016 in Las Vegas. This provided an excellent opportunity to gain insights into cloud provider choices, top challenges and intentions for the future. Security remains a top concern Not really a surprise but the security concerns about cloud and in particular public cloud remain. Agencies find the speed, agility and convenience of the public cloud 88% What are your biggest concerns about moving to the public cloud? 54% 39% 2 15% Security Cost Reliability Job Security

very appealing but despite all of those advantages, the uncertainty that the use of public cloud creates drives many to rate security as a top concern (88%). There are deep-seated psychological reasons for this. Understandably the realization of putting your data in someone else s data center can raise security concerns. It is worth noting that all of that agility, speed and convenience comes at a cost, with cost being a top concern (54%) for moving to a public cloud, but well behind security. A real surprise: Despite security concerns, many don t encrypt data in the public cloud It is no surprise that security is a top concern among government organizations, but what is a surprise is that despite security being the top concern (88% rated security the top concern) roughly 20% of agencies using public cloud are not encrypting data stored there. The good news is that a majority of agencies using public cloud have some form of data encryption in place (80%). Encryption is table stakes for anyone who even pretends to be serious about security or compliance. With data How are you handling encryption in the public cloud? We encrypt = cloud provider solution 39% No encryption 20% We encrypt = 3rd party solution 41% encryption, even if a breach occurs, the data is protected, and while it may be downloaded it will be meaningless without the encryption key. If a breach occurs and sensitive information is encrypted, there is no requirement to provide customer notification like what would be required if the information was not encrypted. Of those agencies with public cloud encryption in place, 39% indicated that they are using a cloud provider solution for encryption. It is good that data is being encrypting but this can also be troubling for some agencies as they may not be as protected as they think. A cloud provider encryption service can sometimes be problematic, particularly when the cloud provider holds the encryption keys. In these situations, if there were a breach at the provider this could result in a breach of the data stored at the provider. If access to data is requested by an entity, the provider holds the encryption keys and may be required to hand over the data without its customers knowing. From the survey it appears that 41% of the respondents may have already considered this. They have chosen to pursue encryption and retain control of the encryption keys outside the cloud provider. This ensures that the only people who 3

are entitled see one s data are the only people that are actually able to see it. An advantage of this approach is that when it comes time to securely retire a workload, it can be done by destroying the encryption key, rendering that workload (or backups and other copies of that workload) unreadable and decommissioned without worry that the provider still has copies accessible in the public cloud. Cloud security: Something new or more of the same? When moving to the public cloud, a lot of things change. Things happen more quickly, staff does more enabling business workloads versus building and configuring on premises IT resources, and security can be left largely in the hands of someone else. How will security approaches change for cloud deployments? The Will existing security approaches work with present or future cloud deployments? Yes 49% No 51% survey revealed that just over half (51%) think that the current security approaches will not work for cloud deployments, yet 49% thought existing approaches would work. Speaking of cloud changes and security, while the cloud may change many things, the IT professionals at agencies that were surveyed are not worried about job security, with 73% saying that there would either be no change or an increase in job security with a move to the cloud. Another security debate that is taking place in the market is the question of whether an agency s security is better with a cloud provider than if its own staff did it, in-house. When you ponder the relative asymmetry in scale, resources and 4

If you move to the cloud, will that impact your job security? Yes, more secure 20% Yes, less secure 27% No, no impact 53% expertise when comparing any of the cloud service providers with any normal agency, it would seem reasonable to expect better security from the cloud than in the agency s data center. That said, trusting a vendor, is for many, a big ask as 59% said they do not expect security in the cloud to be better than it is in their in-house data centers. Will security be better in the cloud than in-house? Yes 41% No 59% 5

Best of Both: The Hybrid Cloud One way that government organizations are seeking to get all the benefits of public cloud while maintaining the advantages of on premises deployments is the use of hybrid clouds combining public and private cloud. This strategy is being planned by Are you planning any sort of hybrid cloud deployment? Yes 58% No 42% 58% of the organizations surveyed. But just as agencies want choice and flexibility in the public and private cloud combination, they want the same with their cloud deployments. While the best possible world for IT would be one of simplicity with little to no overlap in vendors, the reality is that there is often some overlap and the cloud is no exception. There is also the reality that certain applications may be set up for certain environments which dictate the use of multiple cloud vendors. Additionally, an agency may want to ability to move workloads to the most cost effective cloud provider, maintaining relationships with multiple providers. Only 39% of those considering a move to hybrid cloud expect to use multiple vendors, perhaps highlighting the need for greater control and selectivity on where workloads are located. See figure below. If/when you move to the hybrid cloud, will you work with a single or multiple vendors? Single vendor 61% Multiple vendors 39% 6

Public Cloud Providers 33% of survey respondents indicated that they are not using the public cloud. One might expect that number to be lower, but with the prevalence of shadow IT, it is easy to imagine relatively widespread use of public cloud services without the knowledge or participation of IT. Those who are using public cloud providers today are spread across a handful of leading providers. Conventional wisdom has long held that Amazon is the dominant leader of the global public cloud market and it edged ahead of others in the survey with 24% currently using Amazon. Microsoft gaining ground with Azure, cutting the gap between the two leaders with 19% indicating that they are currently using Microsoft for public cloud. In the survey, there was a stronger than usual showing of VMware (34%), perhaps due to the survey performed at the largest VMware gathering in the world. IBM Cloud adoption seemed to be non-existent among government agencies with none of the respondents indicating use of IBM Cloud. Which public cloud providers do you use? 34% 33% 24% 19% 14% 0% 7% Other Don t use public cloud Summary The cloud is clearly here to stay and initiatives like Cloud First should drive greater adoption. For many, it will not only be hybrid, but will be a multi-cloud, hybrid deployment. Those who have not already started to look at workload-centric security and in particular multi-cloud workload security would be well advised to start such efforts soon. While many feel that they are well positioned with security relative to the cloud, there are obvious gaps including many who are not yet encrypting their cloud workloads as well as those who are running encryption solutions where they are not the only ones holding the encryption keys or prepared to support a multi-cloud encryption deployment. For more information about the survey you may visit www.hytrust.com/study. For more information about how HyTrust workload security solutions address cloud security concerns visit www.hytrust.com or call +1 650 681 8100. 7 HyTrust 1975 W. El Camino Real, Suite 203 Mountain View, CA 94040, USA Phone: 1-844-681-8100 International: 1-650-681-8100 2016 HyTrust, Inc. All rights reserved. HyTrust, the HyTrust logo, BoundaryControl, DataControl, and CloudControl are trademarks and/or registered trademarks of HyTrust, Inc., and/or its subsidiaries in the United States and/or other countries. All other trademarks are properties of their respective owners.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback