Cloud survey results - Part 2: 84.5% said business applications most common cloud app used

Posted by John Ryan
on 22-May-2019 08:20:00

Zinopy’s recent cloud security research found that 91% of Irish businesses either had a cloud development strategy or is currently putting one in place. Here is the second part summarising the survey highlights. Read part 1 HERE.

Security measures

The three most used security measures to protect sensitive data and control access to the cloud were multi-factor authentication, anti-malware and encryption. The remainder (in order) were:

  1. Network access controls
  2. Log and event management (SIEM)
  3. Vulnerability scanning
  4. Application control (application whitelisting)
  5. Identity and access management (IDM/IAM)
  6. IDS/IPS
  7. Forensics and incident response
  8. DLP (host- or network-based)
  9. Cloud encryption gateways and/or cloud access security brokers (CASBs)

On a similar note, IAM is the most used security control to protect applications in the cloud, with malware detection, encryption and log and event management (SIEM) following closely.

What type of cloud?

It seems that most of us are using a hybrid or multi cloud strategy (59.7%). This of course makes sense, because not everything needs to be in the cloud. There are many good reasons why systems shouldn’t be moved. None more important than a bespoke application critical to business operations where moving it would carry too great a risk. Also, sometimes applications have a physical onsite dependency.

Climate change

Cloud applications

84.5% said the most common application used in the cloud is - no great surprise – business applications. Most likely Microsoft Office 365 and similar. After this came Backup as a Service and storage/data archiving with Disaster Recovery coming in fourth. Again, this all logical because these are the easiest applications to move to the cloud.  Not just that, they make more sense in the cloud than on-premises.

Further to that, the foremost concern for organisations regarding the use of business applications in the public cloud was unauthorised access to sensitive data by others such as cloud tenants, cloud provider personnel or third parties.

Summary

As we always say here in Zinopy, (and to quote Misha Glenny, cyber security journalist):

“There are two types of companies, those that have been hacked and those who don’t know they’ve been hacked.”

Prevention is always better than the cure. Talk to us to learn more about the tools needed to defend your organisation from cyber attacks.

Download the survey results here.

 Download the report

Topics: Security, Cloud

Written by John Ryan

John Ryan has over 25 years’ experience in the IT industry gained in high profile roles in the IT Security market with Entropy, Calyx and as founder and CEO of Zinopy. He has a breadth of technical experience in all areas of networking and security, with a particular focus on data security and enterprise risk management. John is a regular speaker at industry events.
Find me on: