The explosion of information and functions has made multicloud – the place the group’s information is saved on a number of cloud platforms and functions — a actuality for a lot of organizations. Together with increasing the assault floor, the multicloud makes the duty of securing and managing information much more difficult.
Virtually 20% of CISOs responding to a knowledge safety survey from Eureka Safety and YL Ventures say they do not know what database/platform they use to retailer the group’s delicate information.
The survey outlined delicate information as personally identifiable info (PII), private well being info (PHI), secrets and techniques reminiscent of passwords and software tokens, and cost card info (PCI). On this survey, PII was the commonest delicate information saved (84%), adopted by secrets and techniques (55%), PHI (29%) and PCI (29%).
Most CISOs say they make use of instruments and methodologies for limiting entry to information. The vast majority of respondents say they depend on devoted teams (92%) and community insurance policies (51%).
Delicate Knowledge Saved within the Cloud
There are organizations nonetheless leery about migrating software workloads to the cloud due to considerations about storing delicate information in servers they do not have full management over. Nonetheless, the survey suggests that the majority organizations are usually not letting information safety considerations maintain them again from the cloud. About 45% of respondents say they retailer delicate information in public clouds, and the identical variety of respondents say they depend on a hybrid method, with delicate information saved throughout cloud and on-premise techniques. Simply 2% of respondents say delicate information are saved on-premises.
The truth is, 22% of respondents said that greater than half of their cloud information is delicate.
Respondents had been additionally requested to listing the highest three databases/platforms used to retailer delicate information. PostgreSQL was by far the most well-liked database (41%) and MySQL, MsSQL, Oracle, and Snowflake had the identical utilization charges (22%). The report notes that many CISOs are counting on “lift-and-shift” – the place they’re shifting from on-premises to cloud with out adopting cloud-specific information safety controls, reminiscent of classification and masking insurance policies.
There may be additionally a little bit of a disconnect between the variety of respondents who say they retailer delicate information in cloud techniques and the variety of respondents who use cloud platforms. Of the highest 5 platforms, Snowflake is the one one particularly constructed for the cloud with end-to-end cloud information security measures.
The Addressing Cloud Knowledge Safety within the Multi-Cloud Period report is obtainable from Eureka Safety and YL Ventures.