The public Cloud is more secure than ever before, although Verizon admits there is still more work to be done.
Cyber security vice-president, Eddie Schwartz, recommends businesses stay vigilant when considering Cloud solutions as “mileage may vary”.
“The reality is most security in the Cloud is not transparent to organisations,” he said.
If a business asks about security in the Cloud, Schwartz said they will be typically presented with a list of certifications that the organisation has, or documentation demonstrating where a provider may stand relative to security regulatory frameworks.
Instead of merely talking about security, Schwartz said transparency is important for demonstrating security in the Cloud.
“In terms of providing this transparency and Cloud providers offering the ability for customers to be able to control the outcome, the public Cloud still has a long way to go,” he said.
The sovereignty issue
Another challenge Schwartz sees with the Cloud is data sovereignty and the concerns expressed by each jurisdiction.
This includes proving the data is in fact compliant with the requirements of each country when it comes to protecting it.
“Businesses have to show that they’re able to protect the data in line with their security policies and risk management objectives,” he said.
Currently, Schwartz has found most Cloud providers today are unable to provide the required level of transparency.
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.