The cloud is fairly new territory for many organizations and, consequently, it’s an area where mistakes are made stemming from confusion around the role cloud service providers play in security, and how companies should work with them.
“Organizations looking to host their data in cloud service providers have the best intentions in mind, and the clients I speak with are looking at security as being a key motivator,” says Mark Judd, research analyst at Gartner’s Research Analyst Lab. But, Judd says, many businesses “neglect to realize that moving into a cloud does not automatically make their data secure, but requires an understanding of the shared responsibility in regards to security controls between the organization and the cloud provider.”
Andrei Florescu, group product manager for datacenter at Bitdefender, observes that enterprise responsibility for cloud security varies depending on whether you’re buying Infrastructure-as-a-Service, Platform-as-a-Service, or Software-as-a-Service. Misconceptions around the responsibilities of cloud service providers and their customers in securing data can put information at risk.
Read which security-focused questions all businesses should be asking when researching and using cloud services according to cloud experts on DarkReading.