APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Cyber Security
    Editor's Pick (1 - 4 of 8)
    left
    IAM May Help Secure Data, But It Needs to be Protected as Well

    Marc Ashworth, Chief Information Security Officer, First Bank

    The Changing Landscape of Cyber Security

    Scott Brandt, CIO & Director of IT, Texas Office of the Secretary of State

    Cyber Security - Integrated enterprise approach required to address the multifaceted challenges

    Sumit Puri, CIO, Max Healthcare

    Leadership Framework for Building Elite Teams

    Douglas Duncan, CIO, Columbia Insurance Group

    Four Cybersecurity Weak Spots You Should Care About When Others Don't

    Marc Probst, CIO & VP, Intermountain Healthcare

    Enterprise Security And The Elusive

    Andre' Allen, CISO, City of Houston

    Secure Text Messaging in an Academic Medical Center - Experience and Lessons

    Kari Cassel, SVP & CIO, UF Health

    It's Time to Turn Security Inside Out

    Gilad Raz, CIO, Varonis

    right

    Security Consideration in the Cloud

    Randy Gross, CIO, CompTIA

    Tweet
    content-image

    Randy Gross, CIO, CompTIA

    The IT landscape has shifted dramatically in recent years. Businesses of all sizes are exploring new models for technology, led by cloud computing and mobile solutions.

    They’re also taking a more expansive view of technology. It’s no longer confined to the back office as a support tool for the business. Today technology is front-and-centre, seen as a strategic endeavour that can directly accelerate business growth and success. Business users see benefits and gains in areas such as accessibility, agility, productivity, and scalability.

    Cloud computing solutions offer a great deal of opportunity and potential, but they can also create problems that must be solved quickly before they are exploited.

    A recent report from Skyhigh Networks, a cloud security and enablement company, found that the average enterprise is using 46.7 percent more cloud services this year than a year ago. Yet the report also noted that just 7 percent of cloud services meet enterprises' requirements for security, compliance, and governance.

    “In the early days of cloud adoption, security was cited as the reason that companies were not using cloud systems”

    The biggest difference between a cloud solution and an on-premise solution is that control is given to someone else; namely, a cloud provider. The migration of systems from on premise into the cloud creates several issues for companies, especially if they have not carefully considered their security requirements before engaging with a cloud provider.

    In the early days of cloud adoption, security was often cited as the primary reason that companies were not using cloud systems. Today, the large majority of companies have cleared that hurdle, either by thoroughly examining security in a cloud environment or by assuming that mass adoption of cloud systems indicates adequate security.

    “The reason it is so important for companies to understand their own security requirements before engaging with a cloud provider is that there are so many different areas involved to ensure safety and reliability,” noted Seth Robinson, Senior Director, Technology Analysis for CompTIA.

    “Business continuity, data retention, data encryption, credentials, data integrity, regulatory compliance, identity and access management, and geographic locations are among the areas that should be subject to a security review before embarking on or expanding a cloud deployment”, Robinson added.

    In CompTIA’s 2015 Study Trends in Information Security, between 40 percent and 60 percent of companies said they always review each of the areas listed above.

    This security review also drove internal changes. Nearly half of companies said they changed company policy as a result of changing views on cloud security; while 41 percent of companies built additional security features into cloud-hosted applications.

    When it comes to the cloud, it’s not enough to assume that the cloud provider is adequately securing data and applications. Understanding the cloud provider’s environment and policies is essential in securing the cloud services. Cloud users should regularly review and discuss with their cloud provider how they want to handle security, reliability, compliance, and legal issues related to their cloud services. Any gaps in the provider’s security coverage must be addressed before launching the service.

    Another benefit of cloud computing is that it lowers the barrier of entry to technology and gives access to areas that have traditionally required the approval—or at a minimum, the cooperation—of the IT department. An end user can start working with a Software-as-a-Service application by visiting a website and providing user credentials and billing information with engaging the services or expertise of IT professionals. Thus, the concept of “rogue IT” or “shadow IT” was born.

    This refers to the tendency of lines of business to use their own budgets to procure technology resources. Certainly the concept is no unique to the cloud. But the difference with cloud resources is that they are much more powerful and usable. This represents a high risk for companies. Business staff who use cloud solutions outside the purview of those responsible for the IT environment may not be considering where data is stored, what happens in case of an outrage or how the cloud tool is integrated into other business systems. With security already a major concern for companies, this is another area to be aware of so that data remains confidential and compliance to required standards is maintained.

    “You have to look at where your data is actually being stored and who ultimately has access to it,” noted Ron Culler, Chief Technology Officer, Secure Designs, Inc. of Greensboro, N.C. “You can have a nice looking app that delivers great service, but it may sit somewhere that may not be secure. It could be distributed across multiple data centres across the world. And if you put it unencrypted, it sits there unencrypted. You have to have policies in place to deal with those situations.”

    Finally, it’s important to remember that the burden does not rest solely on the lines of business. IT departments must examine their perceptions and policies to ensure that they are no overemphasizing their preferences at the expense of business outcomes.

    Founded in 1982 and based in Gurgaon, India, CompTIA is a non-profit trade association that is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

    tag

    Cloud Computing

    Information Security

    Identity and Access Management

    Weekly Brief

    loading
    Top 10 Cyber Security Companies in APAC - 2024
    ON THE DECK

    Cyber Security 2024

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Artificial Intelligence - Myths And Truths

    Artificial Intelligence - Myths And Truths

    Geraldo Pereira Junior, Chief Information Officer, Ypê
    Sustainable Future through Innovative Technology Solutions

    Sustainable Future through Innovative Technology Solutions

    Faisal Parvez, Director, BT Business CIO
    The Future Relies on Augmented AI

    The Future Relies on Augmented AI

    Laurent Fresnel, CIO, The Star Entertainment Group
    Digitalization with the use of digital technologies/Improving business through digital technologies

    Digitalization with the use of digital technologies/Improving business through digital technologies

    Wilbertus Darmadi, CIO, Toyota Astra Motor
    How Marco's Pizza Leaned On Technology To Succeed Amid The Pandemic By Quickly Pivoting To Contact-Free Delivery And Curbside Carryout

    How Marco's Pizza Leaned On Technology To Succeed Amid The Pandemic By Quickly Pivoting To Contact-Free Delivery And Curbside Carryout

    Rick Stanbridge, VP & Chief Information Officer, Marco’s Pizza
    Bunnings  Diy Digital Transformation

    Bunnings Diy Digital Transformation

    Leah Balter, Chief Information Officer, Bunnings
    For a Smarter City: Trust the Data, Ignore the Hype

    For a Smarter City: Trust the Data, Ignore the Hype

    Brad Dunkle, Deputy CIO, City of Charlotte
    Smart Community Innovation for the Post Pandemic

    Smart Community Innovation for the Post Pandemic

    Harry Meier, Deputy Cio for Innovation, Department of Innovation and Technology, City of Mesa
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/ciospeaks/security-consideration-in-the-cloud-nwid-4161.html