Automation, cost savings, and data redundancy -- no wonder cloud adoption is tempting. The CISO can rest easy knowing there is no vice in moving to the cloud to reap these rewards. What may keep her up at night is not knowing how many missteps the enterprise is making in the process.
Here CISOs and security buffs round up seven security sins that can undermine cloud computing's benefits.
1. Failing to check IDs at the door
The only secure way to log in to the cloud is through enterprise identity management systems. Though many cloud services permit just about anyone in the organization to sign themselves up, create their own IDs and passwords without registering these with the enterprise, and then connect these credentials to personal email addresses, that does not mean that IT or the business should let it happen.
"While it is easy to start out this way, failing to integrate with enterprise IMS will leave the organization open to leaks, policy violations, and ultimately the inability to secure the cloud," says John Thielens, Chief Security Office of Axway.