The biggest barrier to public cloud adoption in the United Kingdom is the ability to secure public cloud environments, according to a recent study by Centrify.
Centrify surveyed 200 IT decision makers from large- and medium-sized enterprises in the UK. Over one third (35%) of respondents that had adopted the public cloud were less than 80% confident that their public cloud environments were completely secure, and over one quarter (28%) of respondents said their public cloud environments had been targeted by hackers.
When questioned about their biggest points of exposure, 45% of respondents said the problem was the growth of machine identities and service accounts. 31% of decision makers were also concerned about their ability to defend against cyberattacks in the future, admitting their DevOps teams were more interested in bypassing security than baking security protections into their systems and applications.
It is natural for businesses to be concerned about the cloud when they have been used to on-premises infrastructure; but there is no reason why the public cloud cannot be made as secure, provided common security protocols are followed and security controls are applied.
The COVID-19 pandemic certainly hasn’t helped. Businesses have been planning their digital transformations, but the pandemic has forced many to accelerate those plans. The pandemic has forced many businesses to adopt the public cloud to some degree to support a more distributed workforce. The rapid adoption has, in many cases, resulted in security risks being introduced, that could have been managed more effectively through a more carefully managed rollout. While cloud adoption has grown during the pandemic, many businesses have not adapted their security practices to the new environment.
As the survey revealed, verifying machine and human identities is one of the key challenges with digital transformation. Ce3ntrify explained that it is essential for identities to be verified before access is granted to systems, applications, and high value targets. Centrify suggests this is best achieved by adopting cloud-ready privileged access management software to protect access to workloads in the public cloud, which ensure access is only granted when a requestor’s identity has been properly authenticated.