2018-07-23
企业称,他们目前的安全工具在云中并不奏效,但他们却不愿意采用云安全系统。
云使用的增长速度超过企业保护云的能力。尽管IT专家很快指出了“软件即服务”(Software as a Service,SaaS)应用程序的好处,但他们对采用云中特定的安全工具却犹豫不决。与此同时,他们现有的安全系统将云端数据置于危险之中。
iboss在其《2018年企业云趋势》报告中指出,大多数(64%)大型企业表示,SaaS的采用速度已经超过云安全措施。平均而言,约有20%的企业应用程序是SaaS,预计在未来两到三年内,这一比例将达到36%。
iboss的所有受访者均表示,相较于物理软件,使用SaaS应用程序至少有一个好处。这些好处包括速度(71%)、人性化(58%)、数据存储容量(49%)、提高生产率(43%)和数据可访问性(40%)。他们最常将SaaS用于电子邮件(63%)、数据丢失防护(59%)和文件共享(59%)。
员工希望在工作场所使用SaaS,而且他们将会继续这样做。然而,91%的受访者表示,如果要在云环境中运营,企业的安全策略就需要改进。10%的受访者表示需要“彻底检修”。
Sumo Logic公司在一项名为“2018年全球云安全趋势”的调查中指出,97%的受访者认为云安全是一项挑战。大多数受访者报告称缺乏工具、跨职能协作和资源来深入了解企业安全。
几乎所有的(93%)受访者都表示面临在云中使用安全工具的问题。约一半(49%)受访者认为现有工具在其云环境中效果不佳,指出太多的工具使得他们很难确定优先级。45%的受访者表示,由于整合不佳,他们无法及时调查威胁。受访者还表示,不同的工具会给出相互矛盾的信息,云中特定的工具既昂贵又难以学习。
“传统的本地安全工具根本不是为大多数大型企业今天使用的无边界网络设计的,”iboss联合创始人兼首席执行官保罗�马蒂尼(Paul Martini)说,“本地解决方案需要通过总部的物理安全设备路由所有网络流量,这是一个非常昂贵且效率低下的过程。”
Sumo Logic发现87%的企业出于若干原因费力地在云中使用本地安全信息和事件管理(SIEM)解决方案。超过一半(51%)的受访者表示无法有效吸收云数据和威胁(51%),34%的受访者表示在云中使用本地工具太过昂贵,33%的受访者表示部署和使用很困难。只有17%的受访者表示他们不愿意在云端使用本地SIEM。
Sumo Logic首席安全官乔治�格尔乔(George Gerchow)表示,SIEM最初创建的目的是用于安全数据,主要由安全团队使用。现在,这些系统需要更加透明,以便开发人员和运营人员可以访问数据。随着企业日益依赖Office 365,Salesforce和Workday等云服务,他们意识到需要进行改变。
格尔乔解释说:“他们终于开始学习他们需要的东西,这些东西将具有可扩展性,弹性和在现代应用程序中的可见性。”
他补充说,在云中使用本地工具成本高昂。从云环境中收集数据,导入数据进行分析,然后将数据推回到云端,这些过程的效率低下且成本高昂。
云安全需求也给安全团队的结构施加了压力。Sumo Logic的受访者中超过60%认为云安全需要更广泛的技术专长,54%的受访者表示需要更大规模的跨团队协作,51%的受访者表示他们的员工超负荷工作。总体而言,97%的企业面临着云安全方面的挑战。
尽管对SaaS应用程序充满热情,但约一半(49%)的iboss受访者表示他们对采用基于SaaS的安全工具犹豫不决。
“因为他们认为每个SaaS解决方案都需要他们利用多租户共享云架构,所以公司通常会因数据隐私问题而不愿意采用SaaS安全工具。”马蒂尼说。他补充说,金融服务和医疗等行业的人士也担心监管控制。
但是,如果不切换到云安全,企业就得放弃SaaS应用程序提供的诸多好处。越来越多的员工要求灵活地使用云应用程序进行远程工作;使用本地安全工具会妨碍他们安全地做到这一点。
“使用云安全工具的风险在于知识和教育,”格尔乔说,“我们在这方面有欠缺。如果移到云端,(企业)根本没有技能来了解这些工具是如何工作的。”
采用云安全工具可能需要一条学习曲线,但格尔乔警告称,那些在转移到云端时坚持使用本地工具的公司是很危险的。
“在我看来,最大的风险是,你只能看到环境的一部分,”他解释说,“你无法对发生的事情进行全面的360度审视。”
随着公司收集大量数据,他们转向SaaS安全的压力将会增加,格尔乔继续说道。基于云的解决方案可以扩展以处理更大的数据存储。例如,如果你在AWS中管理工作负载,并且从10 TB的数据扩展到40 TB再到100 TB,那么你就无法使用本地安全系统来保护所有的数据了。
《On-Premise Security Tools Struggle to Survive in the Cloud》
4/10/2018
05:30 PM
Businesses say their current security tools aren't effective in the cloud but hesitate to adopt cloud-based security systems.
Cloud usage is growing faster than businesses' ability to secure it. While IT pros are quick to point out the benefits of SaaS applications, they are hesitant to adopt cloud-specific security tools. At the same time, their existing security systems are putting cloud-based data at risk.
Most (64%) large organizations say SaaS adoption is outpacing security, reports iboss in its new 2018 Enterprise Cloud Trends report. On average, about one-fifth of enterprise applications are SaaS, and the number is expected to hit 36% per business within the next two- to three years.
All of iboss' respondents say there is at least one benefit to using SaaS applications over physical software. Their reasons include speed (71%), user-friendliness (58%), data storage capacity (49%), heightened productivity (43%), and data accessibility (40%). They are most commonly using SaaS for email (63%), data loss prevention (59%), and file sharing (59%).
Employees expect to use SaaS in the workplace and they'll continue to do so. However, 91% of respondents say their organizations' security policies need to improve if they're going to operate in a cloud environment. One in ten says a "complete overhaul" is needed.
Current Tools Aren't Cutting It in the Cloud
Security in the cloud was a challenge for 97% of respondents in a new global survey by Sumo Logic, entitled 2018 Global Security Trends in the Cloud. Most report a lack of tools, cross-functional collaboration, and resources to gain insight into enterprise security.
Nearly all (93%) respondents have issues using security tools in the cloud. About half (49%) say existing tools aren't effective in their cloud environments, stating too many tools makes it hard to know what to prioritize. Forty-five percent say they can't investigate threats in a timely manner because of poor integration. Respondents also say different tools give conflicting information, and cloud-specific tools are both expensive and hard to learn.
"Legacy, on-prem security tools simply aren't designed for the borderless networks most large organizations use today," says iboss cofounder and CEO Paul Martini. "On-prem solutions require all network traffic to be routed through physical security appliances at headquarters, an incredibly expensive and inefficient process."
Sumo Logic found 87% of businesses struggle to use on-prem SIEM in the cloud for several reasons. More than half (51%) say they can't effectively assimilate cloud data and threats (51%), 34% say using on-prem tools in the cloud is too expensive, and 33% say deployment and usage is difficult. Only 17% say they don't struggle to use on-prem SIEM in the cloud.
When the SIEM was originally built, it was intended for security data, says Sumo Logic CSO George Gerchow. It was primarily used by security teams. Now, these systems need to be more transparent so developers and operations employees can access the data. As businesses rely on cloud services like Office 365, Salesforce, and Workday, they're realizing they need to change.
"They're finally starting to learn they need something that's going to be scalable, elastic, and give visibility across modern-day applications," Gerchow explains.
Using on-prem tools in the cloud is expensive, he adds. Collecting data from a cloud-based environment, importing it for analysis, then pushing it back to the cloud is inefficient and costly.
The demands of cloud security are also putting pressure on the structure of security teams. More than 60% of Sumo Logic respondents say cloud security demands broader technical expertise, 54% say they need greater cross-team coordination, and 51% say their staff is overloaded. Overall, 97% of respondents face organizational challenges with cloud security.
Switching to SaaS Security: Why Wait?
Despite the enthusiasm around SaaS applications, around half (49%) of iboss' respondents report they're hesitant to adopt SaaS-based security tools.
"Because they believe every SaaS solution requires them to leverage multi-tenant shared cloud infrastructure, companies are typically hesitant to adopt SaaS security tools due to data privacy concerns," says Martini. Those in industries like financial services and healthcare are also worried about regulatory control, he adds.
However, not switching to cloud-based security will force companies to forego a lot of benefits provided by SaaS applications. More employees demand the flexibility to use cloud applications to work remotely; using on-prem security tools prevents them from doing this securely.
"A risk is in using cloud-based security tools is around knowledge and education," says Gerchow. "We just don't have enough of it out there. Moving to the cloud, [businesses] just don't have the skill sets to understand how these tools work."
Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to cloud can be dangerous.
"In my mind, the biggest risk is, you'll only be looking at part of the environment," he explains. "You're not going to get a holistic, 360-degree view of what's taking place."
The pressure to embrace SaaS security will increase as companies collect larger amounts of data, Gerchow continues. Cloud-based solutions can scale to handle larger data stores. If you're managing workloads in AWS, for example, and scale from 10 terabytes of data, to 40, to 100, you won't be able to secure it all with an on-prem security system.
附件:
《On-Premise Security Tools Struggle to Survive in the Cloud》--原文.pdf
《On-Premise Security Tools Struggle to Survive in the Cloud》--译文.pdf
微信公众号