Fewer than half of companies operate securely in the cloud
A new survey finds that 85 percent of companies believe embracing the public cloud is critical to fuel innovation. But of those who have already adopted public cloud, only 40 percent have in place an approach to managing cloud and container security.
The study by DivvyCloud finds only 58 percent say their organization has clear guidelines and policies in place for developers building applications and operating in the public cloud. Of those, 25 percent say these policies are not enforced, while 17 percent confirm their organization lacks clear guidelines entirely.
Brian Johnson, chief executive officer and co-founder of DivvyCloud says:
Enterprises believe they must choose between innovation and security—a false choice we see manifested in the results of this report, as well as in conversations with our customers and prospects. Only 35 percent of respondents do not believe security impedes developers' self-service access to best-in-class cloud services to drive innovation -- meaning 65 percent believe they must choose between giving developers self-service access to tools that fuel innovation and remaining secure.
The truth is, security issues in the cloud can be avoided. By employing the necessary people, processes, and systems at the same time as cloud adoption (not weeks, months, or years later), enterprises can reap the benefits of the cloud while ensuring continuous security and compliance.
Among other findings are that nearly 70 percent of all respondents believe that automation can provide benefits to their organization's cloud security strategy, but only 48 percent say their cloud security strategy currently incorporates products that leverage automation. The vast majority of respondents (85 percent) trust automated security solutions more than or the same as human security professionals.
Almost half (49 percent) of all respondents whose organizations use public cloud said their developers and engineers at times ignore or circumvent cloud security and compliance policies.
The full report is available from the DivvyCloud site.