The gap between the haves and have nots when it comes to enterprise cloud implementation continues to be ploughed: according to a new study from security provider DivvyCloud, less than half of enterprises polled are equipped to operate in the cloud securely.
The 2020 State of Enterprise Cloud Adoption and Security report, which polled around 2,000 IT professionals, found that while 85% of enterprise organisations believe cloud adoption is necessary for innovation, only two in five (40%) said they had a cloud and container security approach in place.
58% of respondents said their organisation had clear guidelines and policies in place for developers building and operating apps in the public cloud – and of that number, a quarter said policies were not enforced.
A similar gap exists when it comes to automation policies. More than two thirds of those polled said automation could provide benefits to their organisation’s cloud security strategy, but less than half (48%) admitted their strategies currently incorporated automation. 49% of respondents said their developers and engineers at times ‘ignore or circumvent’ cloud security and compliance policies.
The report describes the muddle adroitly. “Too often, enterprises are making a false choice: either embrace cloud rapidly and carelessly, or approach it with such timidity that inhibits true cloud adoption,” the executive summary reads. “Some enterprises are finding a middle ground: the ability to adopt cloud at pace but doing so in a way that embraces friction-free, continuous security and compliance.”
Brian Johnson, CEO of DivvyCloud, noted in a statement that this ‘choice between innovation and security’ ought to be a misnomer, with just over a third (35%) of those polled believing security does not impede developers’ access to best in class cloud services.
Speaking to CloudTech earlier this month, Jeremy Snyder, VP business/corporate development and international strategy, noted the importance of automation applied towards governance, particularly in the current climate. “In the current situation, you’ve got a lot of people needing to get things done, so the default behaviour is to give people access to go and do whatever they want to do,” he said. “What we see happening is that people are really good at creating stuff, but they’re not good at cleaning up after themselves.”
You can read the full report here (email required).
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.