The explosion of knowledge and functions has made multicloud – the place the group’s knowledge is saved on a number of cloud platforms and functions — a actuality for a lot of organizations. Together with increasing the assault floor, the multicloud makes the duty of securing and managing knowledge much more difficult.
Nearly 20% of CISOs responding to a knowledge safety survey from Eureka Safety and YL Ventures say they do not know what database/platform they use to retailer the group’s delicate knowledge.
The survey outlined delicate knowledge as personally identifiable data (PII), private well being data (PHI), secrets and techniques comparable to passwords and utility tokens, and fee card data (PCI). On this survey, PII was the most typical delicate knowledge saved (84%), adopted by secrets and techniques (55%), PHI (29%) and PCI (29%).
Most CISOs say they make use of instruments and methodologies for limiting entry to knowledge. Nearly all of respondents say they depend on devoted teams (92%) and community insurance policies (51%).
Delicate Knowledge Saved within the Cloud
There are organizations nonetheless leery about migrating utility workloads to the cloud due to considerations about storing delicate knowledge in servers they do not have full management over. Nonetheless, the survey suggests that almost all organizations usually are not letting knowledge safety considerations maintain them again from the cloud. About 45% of respondents say they retailer delicate knowledge in public clouds, and the identical variety of respondents say they depend on a hybrid method, with delicate knowledge saved throughout cloud and on-premise techniques. Simply 2% of respondents say delicate knowledge are saved on-premises.
In truth, 22% of respondents acknowledged that greater than half of their cloud knowledge is delicate.
Respondents had been additionally requested to record the highest three databases/platforms used to retailer delicate knowledge. PostgreSQL was by far the preferred database (41%) and MySQL, MsSQL, Oracle, and Snowflake had the identical utilization charges (22%). The report notes that many CISOs are counting on “lift-and-shift” – the place they’re shifting from on-premises to cloud with out adopting cloud-specific knowledge safety controls, comparable to classification and masking insurance policies.
There may be additionally a little bit of a disconnect between the variety of respondents who say they retailer delicate knowledge in cloud techniques and the variety of respondents who use cloud platforms. Of the highest 5 platforms, Snowflake is the one one particularly constructed for the cloud with end-to-end cloud knowledge security measures.
The Addressing Cloud Knowledge Safety within the Multi-Cloud Period report is accessible from Eureka Safety and YL Ventures.