ESG’s recent cloud security research was designed to gain insights into organizations' awareness of, requirements for, and future plans with regard to cloud security.
One of the most startling takeaways from that research was the pervasiveness of “shadow IT.” Organizations are struggling to get a grip on their cloud application usage and policies, and, in many cases, they are turning to CASB (cloud application security broker) providers for help.
Watch ESG’s infographic research video below for more insights on this topic.
“Shadow IT,” or the use of non-sanctioned cloud applications, is a massive problem for organzations.
According to a recent ESG Survey, 93% of organizations are aware of, or concerned about, shadow IT to some degree, and 65% say they are aware of a moderate or significant number of non-IT sanctioned applications in use. It is a pervasive, universal problem. Organizations either lack awareness, control, or both.
These are the types of applications security pros are most worried about, requiring the most control and monitoring oversight. External, business-critical applications, important internal operations applications, and non-critical applications.
It’s old hat to say that security concerns slow down cloud migration, since every year, that is less and less the case. But although these concerns are no longer a barrier to cloud adoption... they still persist.
What are the top cloud security concerns keeping IT pros awake at night?
#1. Storing sensitive data in the cloud, and #2. The use of shadow IT applications.
Because you can’t secure what you cannot see.
Public Cloud vs. On-premises Security.
80% of IT decision makers believe that their on-premises security is somewhat more, or much more, mature than public cloud security. However, watch for this dynamic to shift with every passing year. As on-premises infrastructure continues to decline in overall pervasiveness, IT security pros will become more comfortable with cloud-based security processes and technologies.
Many organizations are using a CASB, or Cloud Access Security Broker, to gain visibility into and control over the use of cloud applications. CASB is used to identify potential security breaches through cloud apps and to gain visibility into the use of non-sanctioned IT apps.
In fact, CASB is how many organizations are addressing this issue. 92% say that CASB is important, very important, or critical when it comes to gaining control over the use of cloud applications in their organization. And 86% will increase their spending on cloud security over the next 12 months.
CASB products are well along the road to being universally used by enterprise organizations, and their budgeting plans show just how important cloud security and control will be moving forward. CASBs have become the go-to solution for reining in rogue cloud app usage.