Enterprises accelerate cloud transformation but struggle with security
Enterprises have embraced the moving of multiple applications to the cloud using containers and are utilizing Kubernetes for orchestration. But the findings of a new report also confirm that many are inadequately securing the data stored in these new cloud-native environments.
The report from cloud-native data protection specialist Zettaset shows businesses are continuing to leverage existing legacy security technology as a solution.
The adoption of containers, microservices and Kubernetes plasy a significant role in these digital acceleration efforts. Yet, while many companies are eager to adopt these new cloud-native technologies, the research shows that companies aren’t accurately weighing the benefits of enterprise IT innovation against inherent security risks.
"Data security should be a fundamental requirement for any enterprise organization and the adoption of new technology should not change that," says Tim Reilly, CEO of Zettaset. "Our goal with this research was to determine whether enterprise organizations who are actively transitioning from DevOps to DevSecOps are investing in proper security and data protection technology. And while findings confirm that companies are in fact making the strategic decision to shift towards cloud-native environments, they are currently ill-equipped to secure their company's most critical asset: data. Companies must invest in high performance data protection so as it to secure critical information in real-time across any architecture."
The survey of more than 200 It professionals shows 39 percent of respondents have multiple production applications deployed on Kubernetes. Just over half of those surveyed are using open source Kubernetes available through the Cloud Native Computing Foundation (CNCF), while 34.7 are using a Kubernetes offering managed by an existing cloud provider such as AWS, Google, Azure, and IBM.
There are, however, clear security concerns. 60.1 percent of respondents believe there is a lack of proper education and awareness of the proper ways to mitigate risk associated with storing data in cloud-native environments. In addition nearly half (43.2 percent) say that multiple vulnerable attack surfaces are created with the introduction of Kubernetes.
There's a lack of evolution in security strategy too, with 46.5 percent using traditional data encryption tools to protect their data stored in Kubernetes clusters. But over 20 percent are finding that these traditional tools are not performing as desired.
You can read more about the findings and get the full report on the Zettaset blog.