SIMonline

Service receive & sending SMS

Cloud Security Issues

175   |     /   Security
Cloud Security Issues
Companies are increasingly moving sensitive data to the cloud, but cybersecurity, including the human factor and technology, is still a problem for many, according to a new report published by Oracle and KPMG.



Do not let yourself be spammed with unnecessary SMS, buy a virtual number for receiving SMS!

The Cloud Threat Report 2019 is based on a survey of cybersecurity professionals and IT professionals from more than 450 organizations in North America, the UK, Australia, and Singapore.

The study shows that 70% of organizations use more cloud-critical business services than last year, and it is estimated that the number of companies that have at least half of the data in the cloud will increase 3.5 times from 2018 to 2020. . % of respondents said that most of the data stored in the cloud will be confidential, compared to 50% in the previous year.

On the other hand, there is still a significant security gap, and one of the biggest challenges is the shared responsibility security model, where both cloud client and cloud service provider play a role in protecting infrastructure and applications.

The cloud service provider is typically responsible for virtualization, network, infrastructure, and physical security, and the user is responsible for data security, identity management, and access. The security of applications and guest operating systems may be the responsibility of the user or provider, depending on the type of service.

However, the survey shows that about half of the respondents are embarrassed by their obligations, even people who should be the most knowledgeable, such as CISO and CIO. Oracle says that only 10% of CISO and 25% of CIO fully understand this security model.

The fact that the shared responsibility model differs depending on the type of service provided — either software as a service (SaaS), or infrastructure as a service (IaaS), or platform as a service (PaaS) —can make things even more confusing for cloud computing users and almost 90% recognize that understanding the differences between these types of services is a serious problem.

This confusion led to the emergence of malware (34% of respondents), increased audit risk (32%), unauthorized access to data (30%) and unauthorized or improperly configured systems that compromise (29%). Overall, according to the report, 82% of cloud computing users have encountered a security issue due to confusion.

Other serious issues organizations face include detecting and responding to security incidents in the cloud, lack of skills, lack of coherence between IT and security operations, unauthorized use of cloud services, and lack of visibility.

Cloud Security Issues

When it comes to their ability to analyze security event data on a scale, only 12% think that they are able to analyze more than 75% of the data, and there is a discrepancy between what practitioners say (only 8% think that they have this ability) and what CIOs say (16% said their organization can do this). More than 40% of respondents believe that they can analyze 40% or less of security event data.

When it comes to patches, many organizations admit that they can postpone a patch to the production system if downtime affects the ability to comply with service level agreements or software compatibility issues arise due to lack of approval from different groups, or if the risk of operation is low . These concerns are largely based on incidents that have struck respondent organizations over the past two years.

Nevertheless, patch management plays an important role for most organizations: 43% said they had already implemented automatic patch management, and 46% said they planned to do this in the next 1-2 years.

Similar news


Vulnerability of WP Cost Assessment Plugin, Crash for WordPress Sites

Enemies can hack WordPress sites using vulnerabilities in a rather popular plugin called WP Cost Assessment & Payment Forms Builder.

Intel SGX can be used to hide malware

A team of researchers has demonstrated that Intel SGX technology can be used to conceal advanced and hidden malware that could allow attackers to steal data and conduct actions on behalf of the victim. Intel claims that its technology works as intended and is not designed to block this type of attack.

Adobe fixes data leak error in Reader

Adobe has released patches for Acrobat and Reader, Flash Player, ColdFusion, and Creative Cloud. One of Reader’s weaknesses is the critical issue of data leakage, the details of which were released by the researcher in January.



SIMONLINE.SU

This is not only a service for receiving and sending SMS messages to virtual numbers, but also a tutorial on user safety in the modern world, the latest developments in IT, social media security, fresh programs and lessons that simplify our lives. So are other issues encountered by the average user. In simple words, each user will find for themselves something interesting or answers to their questions.

SIMonline © 2018 - 2020

All rights reserved