Technology / IT departments struggling to keep the cloud secure, report finds

IT departments struggling to keep the cloud secure, report finds

Businesses are struggling to keep the cloud secure, with many services being deployed without their IT departments’ knowledge, according to a new report.

Research by Intel Security found that nearly 40 per cent of cloud services are commissioned without the involvement of organisations’ IT teams.

As a consequence, the visibility of shadow IT services has dropped from 50 per cent last year to less than 47 per cent this year - a worrying statistic for those tasked with keeping firms secure.

65 per cent of the IT professionals the firm surveyed said that the rise of shadow IT is interfering with their efforts to keep the cloud safe.

Nearly half also said a lack of cyber security skills has slowed adoption or usage of cloud services and possibly contributed to shadow IT. 36 per cent said they are struggling to find talent but continuing anyway, and only 15 per cent said they do not have a skills shortage.

52 per cent indicated that a malware infection can be tracked to a cloud application, while 62 per cent said their organisations store sensitive customer information in the cloud.

This could be a result of changing attitudes to the public cloud, for which trust now outnumbers distrust by a factor of two to one, according to the report’s statistics.

“The cloud-first strategy is now well and truly ensconced into the architecture of many organisations across the world,” said Raj Samani, EMEA chief technology officer at Intel Security.

“The desire to move quickly toward cloud computing appears to be on the agenda for most organisations.

“This year, the average time before respondents thought their IT budgets would be 80 per cent cloud-based was 15 months, indicating that cloud-first for many companies is progressing and remains the objective.”

Intel Security advised businesses to protect administrator credentials and use multi-factor authentication, and to introduce strategies and policies for more proactive security.