Organizations around the world understand the importance and the challenges of cloud adoption, and they continue to adopt the technology at a fast pace. Gartner predicted that the cloud market in India will reach $3 billion by 2017, which represents an almost fivefold increase from 2012.

Challenges of Cloud Adoption

On one hand, while cloud promises to change the way businesses run, it also presents significant challenges relating to information security and privacy. Organizations need to understand that, in addition to cost reduction and the ability to move from one licensing model to another, the major drivers behind cloud adoption should be transformation and innovation.

The Asia Cloud Computing Association’s “Cloud Readiness Index (CRI) 2016” recognized Hong Kong, Singapore, New Zealand and Australia above markets such as Germany, the U.K. and the U.S., showing that Asian economies are leading the world in cloud readiness but are extremely cautious about making the jump.

Below are some contributing factors:

Data Security

The cloud is an off-premises system, with data centers most likely residing in the U.S. and Europe. A strong security strategy is necessary to protect data, prevent cyberattacks and comply with international regulations, but it should not impact performance. Encryption of data being sent to the cloud and decryption of files back from the cloud should not impact the user experience.

Lack of Standardization

A provider could have the latest security features, but due to the general lack of cloud standardization, there are no clear-cut guidelines unifying cloud providers. Given the increase of cloud providers in different sectors, this is a huge problem for clients in determining how safe their data really is.

Legal and Regulatory Requirements

IT governance and risk managers need to work closely with the business to understand key cloud computing principles and to help establish effective governance practices.

Integration and Portability

Onboarding to the cloud platform is one of the key challenges faced by organizations looking to adopt cloud. Onboarding requires portability of key components that can be moved to the cloud and determining their interoperability with components that remain on in-house systems.

Cloud Security Is a Shared Responsibility

The biggest challenge that needs to be addressed is the notion that security is in the hands of the cloud provider. Security is a shared responsibility, and experts stress that the customer actually bears most of it. The majority of cloud threats can be avoided by ensuring basic security practices, such as:

  • Know where your data resides.
  • Use encrypted cloud services.
  • Use strong passwords and change them frequently.
  • Employ endpoint control over all devices accessing the data.
  • Create a backup schedule.
  • Stay alert, never assume and don’t take shortcuts to security.

Read the IDC white paper: A CISO’s Guide to Enabling a Cloud Security Strategy

More from Cloud Security

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Why Are Cloud Misconfigurations Still a Major Issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe. With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And…

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends and data, and the intricacies of their organization’s incident response plan. What does all this fear and uncertainty stem from? It’s the unknowns. Who might…

How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell

IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Google Cloud Shell is a service that provides a web-based shell where GCP administrative activities can be performed. A web-based shell is a nice feature because it allows developers and administrators to manage GCP resources without having to install or keep any software locally on their system. From…