Content, Content

Top Public Cloud Security Challenge: Lack of Visibility


Organizations that deploy multiple, disparate solutions on-premises and across various private and public clouds often struggle to secure their data, according to a survey of more than 400 information security professionals conducted by firewall management software provider FireMon.

Key findings from FireMon's "State of Hybrid Cloud Security Survey" included:

  • More than 80 percent of information security professionals said they are "challenged" by the limitations and complexity of hybrid cloud security tools.
  • 60 percent stated their deployment of business services in the cloud outpaces their ability to secure these services in a timely manner.
  • 59 percent use two or more different firewalls in their IT environment; among these respondents, 67 percent use two or more public cloud platforms.
  • 36 percent use native security tools or manual processes for each IT environment.
  • 28 percent use network security tools that can work across multiple IT environments.

Furthermore, survey respondents cited lack of visibility as the biggest barrier to secure their public cloud environments, FireMon said. They also named compliance as the biggest roadblock that prevented their organization from moving workloads to public cloud environments.

How Can a DevOps Team Help an Organization Improve Its Security Operations?

Thirty percent of information security professionals said they view their relationship with their organization's development and operations (DevOps) team as "complicated, contentious, not worth mentioning or non-existent," the FireMon survey revealed. Conversely, 44 percent stated the acceleration of DevOps has positively impacted their organization's security operations.

Ultimately, collaboration between DevOps and security teams could help "get everyone on the same page," FireMon said. As more organizations leverage multiple cloud platforms, DevOps and security teams can work together to coordinate an organization's security policies across myriad IT environments.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.