UPDATED 00:46 EDT / MARCH 30 2017

CLOUD

Rise of IoT causing confusion in a ‘chaotic’ cloud security landscape

The rapid rise of Internet of Things deployments threatens to strain an already complex and chaotic cloud security environment, according to a survey of information technology security experts at the recent RSA Security conference.

IT security vendor AlienVault Inc.’s survey of almost 1,000 attendees at the event found that a third viewed their cloud security monitoring as “complex and chaotic.” Worse yet, some 62 percent of respondents said they were concerned that security would weaken as more IoT services and devices were added to enterprise clouds.

Complicating matters even further, 45 percent said their company doesn’t even monitor IoT traffic on their networks, while another 20 percent admitted they weren’t even sure if IoT traffic was being tracked. Still, another 45 percent did say they believe the advantages of IoT outweigh its security risks.

To mitigate the risks of unsecured IoT deployments, AlienVault recommends that companies create separate network segments for IoT devices and traffic, eliminate default passwords common in early IoT devices and make sure to roll out regular firmware updates.

“The driving force behind cloud and IoT is the availability and analysis of information, but they must be managed and monitored in the right way,” said Javvad Malik, AlienVault’s security advocate. “Many companies are using these impacting technologies to reap the technological and business benefits they provide, but they are doing so without proper monitoring—leaving their company at greater risk of attack.”

The top security concern cited by respondents was malware infecting corporate networks, but the survey responses show that most companies’ approach to cloud security is fragmented at best. AlienVault found that 39 percent of organizations use 10 or more different cloud services, while 21 percent said they don’t know how many cloud applications are being used by their companies. Much of this ambiguity comes from a lack of communication across IT departments, as 40 percent of security managers said they’re not consulted before their company deploys new cloud platforms.

AlienVault said this uncertainty is creating confusion among security pros because they’re unable to keep up with new cloud and application deployments, particularly in IoT. The security firm said this highlights the need for companies to step up their efforts in threat detection and incident response, both on-premises and in the cloud.

Security experts shared other concerns they have too. For example, the survey found that many are worried about threats such as stolen credentials and unauthorized file sharing.

AlienVault said these kinds of security worries are likely to increase enterprise adoption of hybrid cloud infrastructure. While the cloud comes with obvious benefits around cost and flexibility, IT security managers face a tough choice to “determine whether it makes more sense to deploy a particular service to the cloud or keep it on-premises.”

Image: Jefferb/pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU