Equinix is excited to announce that we are now a corporate member of the Cloud Security Alliance, a global nonprofit that promotes best practices for security within cloud computing and provides education on the cloud that helps secure all other forms of computing.
Today’s announcement comes at a time when cloud adoption is practically universal across all industries, making cloud security a universal concern. Consider these statistics from Skyhigh’s 2015 Q4 Cloud Adoption & Risk Report:
- The average employee uses 30 cloud services at work, including eight collaboration services, five file sharing services and four content-sharing services.
- Across all users, 28.1% of employees have uploaded a file containing sensitive data to the cloud.
- 8% of all documents uploaded to cloud-based file sharing services contain sensitive information.
Despite these vulnerabilities, many organizations haven’t placed a priority on cloud security. Symantec’s most recent Internet Security Threat Report found that in 2014, 60% of all targeted attacks struck small- and medium-sized organizations, many of which are still not adopting basic cloud best practices, even as attackers are targeting the cloud in increasingly sophisticated ways. The same Symantec report discussed Web attack toolkits designed to be used in the cloud as Software-as-a-Service (SaaS). These toolkits scan victims’ computers looking for vulnerable plug-ins so they can launch the most effective attack.
All told, the average organization experiences 19.6 cloud-related security incidents each month, according to the Skyhigh report. The importance of the work of the Cloud Security Alliance (CSA) becomes obvious in the context of tireless attackers and the basic reality that while organizations must be connected to the cloud, this interconnection comes with vulnerabilities.
In 2015, I wrote a thought leadership paper for CSA titled Security Considerations for Private vs. Public Clouds. It outlines from a neutral perspective various considerations when deciding whether to deploy your Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) or SaaS cloud in a private vs. public or shared setting. I’m also a member of the CSA steering committee for the Cyber Incident Sharing Center (Cloud-CISC).
So why did Equinix join the CSA? It will help keep our Equinix Cloud Exchange on the vanguard of cloud security. Cloud Exchange is an advanced interconnection solution that enables secure, direct, simultaneous network connectivity between enterprises and numerous cloud providers from a single port. From both a security and performance perspective, data transmitted over direct connections always beats data transmitted over the public Internet, and businesses of all sizes are using the Cloud Exchange to access cloud services, including Amazon Web Services, Microsoft Azure and Office 365, to name just a few. If you haven’t talked to us about Cloud Exchange yet, I highly encourage you to contact us and find out more.
And you should also consider following the activities of the CSA, if you don’t already. Robust data security is a prerequisite for business success, and CSA is always working to help the enterprise obtain it. Equinix is proud to be a part of that.