'Shadow IT' - A Major Concern, Says Forrester
FREMONT, CA: Most of the IT enterprises are not confident about the existing controls for SaaS security; for many, shadow IT practices, the IT systems built and used inside organizations without explicit organizational approval, are something that cannot be ignored, reveals a report by Forrester Research.
According to the report, 43 percent of respondents believed the shadow IT practices were major threats to their organizations. Also, 46 percent said that SaaS providers make overstated or unrealistic claims.
In order to bring the best out of SaaS products, apart from a clear understanding about the threats and vulnerabilities of these consumption model , it’s also critical to identify the party which is responsible for the breaches, reports Dan Kobialka for Talkin' Cloud.
Some of the major findings include:
- 79 percent of IT professionals said their organizations use SaaS, and 92 percent of respondents said they believed their existing security controls were either effective or very effective in protecting their digital assets in SaaS applications.
- 79 percent of respondents erroneously considered end users as the top group responsible for cloud services provider (CSP) security.
- 71 percent of respondents claimed to completely or mostly understand the division of security control responsibility as stipulated by their SaaS provider contracts.
- Researchers said the majority of respondents put faith in their legacy controls, but many of these controls were "outdated perimeter protections" such as firewalls and virtual private networks (VPNs).
Forrester has also come up with certain recommendations such as evaluating protection gaps by reviewing SaaS provider contracts and security capabilities, finding SaaS-focused solutions and managing SaaS adoption.
Cloud Computing Changing Management
By Michael Cockrill, CIO, State of Washington
By Brett Shockley, SVP & CIO, Avaya
By Sven Gerjets, SVP-IT, DIRECTV
By Steve Moyer, VP of Storage Software Engineering, Micron...
By Michelle R. McKenna-Doyle, SVP and CIO, National Football...
By Patrick Hale, CIO, VITAS Healthcare
By Roman Trakhtenberg, CEO, Luxoft
By Julia Davis, SVP, CIO, Aflac
By Chris Westlake, VP & GM of Service,RK
By Pauly Comtois, VP DevOps, Hearst Business Media
By Yanni Charalambous, VP & CIO, Occidental Petroleum...
By Bob Brown, VP-Production & Operations, ONE World Sports
By Arthur Hu, SVP & CIO, Lenovo
By Ron Guerrier, CIO, Farmers Insurance Group, Inc.
By Scott Cardenas, CIO, City and County of Denver
By Kevin McCarron, Vice President Collaboration, Carousel...
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Christopher Frenz, AVP of Information Security,...
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment