cloud, big data, iot, containers...privileged user access to iot data and devices impact of attacks...
TRANSCRIPT
RE-PRIORITIZEYOUR IT SECURITY TOOL SET
11 DISCOVER AND CLASSIFY
2
Cloud and SaaS break legacy IT security models – Data security with encryptionand access controls across environments is required Service-based solutionsand platforms that include automation are preferred for reduced costs and simplicity
Get a better handle on the location of sensitive data,particularly for Cloud, Big Data, Containers and IoT
DON’T JUST CHECK OFFTHE COMPLIANCE BOX
33
ENCRYPTION AND ACCESS CONTROL4
Move beyond compliance to greater use ofencryption and BYOK, especially for cloud andother advanced technology environments
Encryption needs to move beyond laptops and desktops
Containers: Encrypt and control access to data –within containers and underlying storage
IoT: Use secure device IDand authentication, as wellas encryption of data at reston devices, back end systems and in transit to limit data threats
Data center: File and application level encryption and access controls
Cloud: Encrypt andmanage keys locally,BYOK enables safe SaaS, PaaS and IaaS
Big Data: Encryption and access control within the environment
CLICK TO DOWNLOAD REPORT
FOLLOW US ON:
“Without question, encryption and tokenization are seen as the top choice for securing emerging environments and in addressing concerns over data sovereignty.”
—Garrett Bekker, 451 Research Principle Analyst, Information Security
WHAT TO DO ABOUT IT
“Most major cloud providers have larger staffs of highly trained security professionals than any enterprise, and have very high scalability and redundancy. Perhaps as a result of the recognition of these public cloud security realities, security concerns overall for public cloud are waning.”
—Garrett Bekker, 451 Research Principle Analyst, Information Security
“Big Data is a global juggernaut. Just as enterprises globally wrestle with determining which Big Data is potentially valuable to the organization, they wrestle as well with determining the relative sensitivity of that data, and therefore how it needs be secured.”
—Garrett Bekker, 451 Research Principle Analyst, Information Security
“Secure communications and data protection must be assured for each IoT endpoint, the networks that carry their data, and for the back-end systems that process the data.”
—Garrett Bekker, 451 Research Principle Analyst, Information Security
“Just as with the emerging IoT environment, there remains a lack of enterprise-grade security controls in most container environments today, owing largely to their relative immaturity”
—Garrett Bekker, 451 Research Principle Analyst, Information Security
of enterprises using advanced technologies
without securing sensitive data
63%will use sensitive data in an advanced technology
environment this year
93%
“NEARLY TWO-THIRDS (63%) OF RESPONDENTS ADMIT THAT THEIR ORGANIZATIONS DEPLOY NEW INFORMATION TECHNOLOGIES PRIOR
TO HAVING APPROPRIATE DATA SECURITY MEASURES IN PLACE.”—Garrett Bekker, 451 Research Principle Analyst, Information Security
ENTERPRISES USING ADVANCED TECHNOLOGIES WITH SENSITIVE DATA
ENCRYPTION AND TOKENIZATION TOP CHOICES TO SECURE ADVANCED TECHNOLOGIES AND QUELL CONCERNS OVER DATA SOVEREIGNTY
CLOUD CONCERNS REMAIN HIGH
47% USING SENSITIVE DATA IN BIG DATA ENVIRONMENTS
85% ADOPTING IOT - BUT SECURITY CONCERNS REMAIN LOW IN SPITE OF EXTENSIVE FITNESS, MEDICAL DEVICE AND PHYSICAL SECURITY APPLICATIONS
CONTAINER ADOPTION AT BREAKNECK SPEEDSECURITY ISSUES ARE FRONT AND CENTER
ADVANCED TECHNOLOGY ADOPTION CONTINUES TO DRIVE AHEAD – WITHOUT SECURITY FOR DATA
CLOUD, BIG DATA,IOT, CONTAINERS
SaaS
IaaS
PaaS
Mobile
Big Data
IoT
Containers
Block Chain
20162017
Not Measured
Not Measured
61%48%
56%53%
Public Cloud – Customer Managed KeysPublic Cloud – CSP Managed Keys
IoTContainers
Encryption Availability Would Increase Enterprise Adoption of Advanced Technologies
Data Security Concerns for Cloud
64%40%
36%26%
Encrypt Personal Data Collected or ProcessedTokenize Personal Data Collected or Processed
Migrate Customer Data to New LocationsUtilize Local Hosting or Cloud Providers
Enterprise Plans to Meet Data Privacy and Sovereignty Regulations
36%30%
25%25%
Protecting Sensitive Data Generated by IoTIdentifying Which Data is Sensitive
Privacy ViolationsPrivileged User Access to IoT Data and Devices
Impact of Attacks on IoT Devices 24%
Top Data Security Concerns for IoT
56%55%
50%43%
41%
Encryption/Tokenization of data generated by IoT devicesSecure identification and authentication of IoT devices
Anti-malwareIoT network Isolation
Anomalous Operation Detection (Behavioral Analytics)
Data security tools that would increase respondents’ willingness to implement IoT platforms in their organization’s environments.
Security Breaches/Attacks at the Service Provider
Shared Infrastructure Vulnerabilities
Lack of Control Over Location of Data
Lack of Data Privacy Policy / SLA
Cloud Privileged User Abuse / Threats
Meeting Compliance Requirements
Custodianship of Encryption Keys
Lack of Visibility into Security Practices
20162017
59%
57%
55%
52%
54%
47%
51%
50%
70%
66%
66%
65%
64%
62%
60%
59%
Top Data Security Concerns for Big Data
Security of Reports
Sensitive Data May Reside Anywhere
Data Privacy Violations
Privileged User Access
Lack of Effective Access Controls
20162017
44%42%
46%
35%
36%
31%29%
37%
40%
41%
have plans to use Containers this year
87%are already in
production
40%
Top Data Security Concerns for Containers
Security Budget Staffing Compliance
47% 44%
33% 30%
Security Concerns for ContainersUnauthorized Access to Containers
Spread of Malware Among Containers
Privacy Violations from Shared Resources
Vulnerabilities in Container Images
Untrusted 3rd Party Container Images
Patching and Updated Containers
Lack of Image Compliance Certifications
43%
39%
36%
35%
28%
25%
8%
Security Controls that Would IncreaseEnterprise Container Adoption
Encryption
Anti-Malware
Vulnerability Scanning
Monitoring Tools for Containers
Digital Signature-base Image Validation
Role-based Access Controls
Security Reporting Tools
Image Compliance Certifications
54%
45%
42%
36%
32%
22%
18%
12%
57%53%
49%53%
44%49%
34%44%
47%50%
31%33%
19%
9%