Netwrix Corporation, a provider of IT auditing software that delivers complete visibility into IT infrastructure changes and data access, released the results of its global 2015 Cloud Security Survey that show that when it comes to migrating to the cloud, 65% of companies are concerned with security and 40% are concerned with their loss of physical control over data in the cloud.
While security is gaining increasing attention from cloud technology and service providers, the lack of visibility into sensitive data stored externally increases security risks and raises fears that are still holding back wider cloud adoption.
Netwrix surveyed more than 600 IT professionals worldwide, who represent technology, manufacturing, government, healthcare, finance, education and other industries, to answer questions about cloud security, expectations from cloud providers and measures being taken to ensure data security.
Other key survey findings show that:
69% of companies are afraid that migration to the cloud will increase risks of unauthorized access while 43% worry about account hijacking
13% of organizations reject adoption of cloud technology in the near future
71% of enterprises perceive continuous auditing of cloud infrastructure as a very important part of security guarantees to ensure data integrity in the cloud
To find more details, figures and graphs, please, download a complete copy of the Netwrix 2015 Cloud Security Survey.
FAQ
What are the security risks of cloud computing?
Cloud computing introduces several key security risks that organizations must address. Unauthorized access poses the most significant threat, with 69% of companies fearing increased risks from compromised credentials or misconfigured access controls. Account hijacking represents another critical concern, where attackers gain control of cloud accounts to steal data or launch further attacks. Data breaches have escalated dramatically, with 82% of breaches now involving cloud-stored data. Additional risks include data loss from provider outages, inadequate encryption during transmission, and reduced visibility into security controls. However, these risks are manageable with proper identity-based security controls and continuous monitoring. Data security that starts with identity helps organizations maintain control while leveraging cloud benefits.
How secure is cloud storage?
Cloud storage security depends entirely on implementation and access management, not the cloud itself. While cloud providers offer enterprise-grade infrastructure security, organizations retain responsibility for identity management, access controls, and data protection. The primary vulnerability isn’t the storage technology, but who has access to your data. Proper cloud storage security requires least privilege access controls, multi-factor authentication, encryption in transit and at rest, and continuous monitoring of user activity. Many organizations struggle because they migrate to the cloud without redesigning their security model. The most secure cloud deployments start with strong identity governance and work outward from there.
Is the cloud secure?
The cloud can be highly secure when properly configured, though 65% of organizations express concerns about cloud migration security. Modern cloud platforms provide better physical security, network protection, and infrastructure resilience than most on-premises environments. The security challenge isn’t the cloud infrastructure itself, but how organizations manage identities and access once data moves to the cloud. Attackers are logging in rather than breaking in, which means traditional perimeter security becomes less effective. Cloud security requires a fundamental shift to identity-centric security models. Organizations that implement strong identity governance, continuous access monitoring, and least privilege principles often achieve better security in the cloud than they had on-premises.
Why is cloud security important?
Cloud security is critical because 40% of organizations worry about losing physical control over their data during cloud migration, yet the benefits of cloud adoption are too significant to ignore. Without proper cloud security, organizations face increased risks of data breaches, compliance violations, and unauthorized access to sensitive information. Cloud environments often provide broader attack surfaces due to misconfigured access controls and excessive user privileges. However, properly implemented cloud security actually improves your overall security posture by enforcing consistent policies, enabling better visibility into user activity, and automating security controls. The key is understanding that cloud security starts with identity management and extends to every aspect of data access and control.
Preventing unauthorized access in cloud environments requires a comprehensive identity-centric approach. Start by implementing least privilege access controls, ensuring users only have access to data and systems they need for their specific roles. Deploy multi-factor authentication across all cloud services and administrative accounts. Continuously monitor user activity and access patterns to detect anomalous behavior before it becomes a breach. Regular access reviews help identify and remove excessive permissions that accumulate over time. Strong password policies and privileged account management prevent credential-based attacks. The most effective approach connects identity security to data protection, giving you visibility into who has access to what data and the ability to control that access in real-time.