Check Point experts presented the Cloud Security Report 2019 report on the security of cloud storage. As it turned out, the main reason why companies are afraid of rapidly introducing cloud technologies is the problem with ensuring data security (57% of organizations indicated it as the main one).
According to a Check Point study, 66% of information security specialists believe that traditional security tools cannot provide sufficient protection in the cloud or do not protect at all
Cloud service providers strengthen security measures to protect their platforms, but the responsibility for protecting data and applications on these platforms lies with the customers themselves. Despite the fact that more than half of the organizations (54%) stated that their cloud storages were not hacked, a quarter of the respondents could not accurately answer this question, and another 15% confirmed that their clouds suffered from any security incidents.
The main findings of the Cloud Security Report are:
- The four most vulnerable places in the public cloud: unauthorized access to the cloud (42%), insecure interfaces (42%), incorrect configuration of the cloud platform (40%) and account theft (39%).
- Key security concerns when working with the cloud: IT professionals are struggling with insecurity and for compliance with the regulatory requirements of the cloud infrastructure (67% of respondents noted these problems). Installing consistent security policies in the cloud and on the organization’s computers, as well as a shortage of qualified security personnel, is 31%.
- Outdated security solutions: 66% of respondents said that the technologies they use are either not working at all or provide limited protection in cloud environments.
- Organizations do not use clouds due to security issues: data security is the biggest barrier to the introduction of public cloud systems, according to almost a third (29%) of respondents. In second place is the risk of disclosing classified information (28%), third is the problem of compliance with regulatory requirements (26%) and lack of experience and qualified personnel to ensure security (26%).