DevOps has accelerated corporate software deployments. But it also has left the door wide open for potential security holes in next-generation applications that involve big data services, software containers, the Internet of Things (IoT) and more.
Indeed, 93 percent of cloud, SaaS, big data, IoT and container projects involve sensitive corporate data, according to a research report from 451 Research and Thales e-Security published in March 2017. But 63 percent of respondents concede their organizations are deploying those technologies ahead of having appropriate data security solutions in place, the research found.
That could spell opportunity for some MSSPs (managed security service providers) -- especially MSSPs that offer end-to-end encryption services for their customers. "Putting an ‘encrypt everything’ strategy into practice will go a very long way towards protecting these powerful, yet vulnerable, environments,” according to Peter Galvin, VP of strategy, Thales e-Security.
Indeed, 60 percent of respondents would increase their cloud deployments if CSPs and/or MSSPs offered data encryption in the cloud with enterprise key control. Data encryption (56 percent) and digital birth certificates with encryption technology (55 percent) are also listed as the two most popular security options for IoT deployments. Rounding out the list is containers, with 54 percent of respondents citing encryption as the number one security control necessary for increasing container adoption, according to the survey.
The research findings also included deeper trends tied to SaaS, cloud backup, big data, IoT and container security. Here's a look at each area...
SaaS Security, Online Storage and Cloud Backup Concerns
- 59 percent of respondents are concerned about SaaS breaches, down from 70 percent in 2015.
- 57 percent of respondents worry about shared infrastructure vulnerabilities, followed by lack of control over the location of data (55 percent).
- 57 percent of respondents leverage sensitive data in SaaS environments – up from 53 percent in 2016.
- When it comes to SaaS insecurities, respondents are most fearful about online storage (60%), online backup (56%), and online accounting (54%).
Big Data and IoT Security Concerns
- 47 percent of respondents use sensitive data in big data environments.
- Respondents cite their top fear as sensitive data everywhere (46 percent), followed by security of reports (44 percent) and privileged user access (36 percent).
- 85 percent of respondents leverage IoT technology and 31 percent use sensitive data within IoT environments.
- Only 32 percent of respondents report being very concerned about their data, The low figure is a potential red flag that MSSPs should point out to customers. Indeed, customers may not realize the potential impact of IoT network and associated data vulnerabilities.
- When pressed about their top fears, 36 percent of respondents cited protecting the sensitive data IoT generates, followed by identifying sensitive data (30 percent) and privacy concerns (25 percent). Here again, the figures seem low considering how high the stakes could be for IoT network, device and data security.
Software Container Security Concerns
- 87 percent of respondents have plans to use containers this year, with 40 percent already in production deployment.
- Security is cited as the number one barrier to container adoption by 47 percent, followed by unauthorized container access (43 percent), malware spread between containers (39 percent), and privacy violations resulting from shared resources (36 percent).
Admittedly, the research by its very nature is designed to zero in on the encryption topic -- since Thales e-Security competes in that market. But the findings could help MSSPs shape their services catalog nonetheless.