Einblicke in die IT-Sicherheits-Trends
Gartner: Hype Cycle für Cloud-Sicherheit 2017 veröffentlicht
Gartner-Analysten diskutieren Cloud-Sicherheit bei den Gartner Security & Risk Management Summits in London
Die Zahl der Unternehmen, die die Cloud nutzen, nimmt schnell zu. Dadurch wächst das Interesse an der Sicherung der Daten, Anwendungen und Arbeitsprozesse in der Cloud-Umgebung. Der jetzt veröffentlichte Hype Cycle für Cloud-Sicherheit 2017 des IT-Research und Beratungsunternehmens Gartner bietet IT-Sicherheitsexperten einen Überblick darüber, welche Technologien bereit für den Mainstream sind – und welche noch Jahre brauchen, bis sie für die Mehrheit der Unternehmen produktiv nutzbar werden.
"Die Sicherheit bleibt der am häufigsten genannte Grund die öffentliche Cloud zu meiden", erklärt Jay Heiser, Research Vice President bei Gartner. "Paradoxerweise betrachten die Unternehmen, die bereits die Cloud nutzen, die Sicherheit als einen der wichtigsten Vorteile."
Lesen Sie zum Thema "IT-Security" auch: IT SecCity.de (www.itseccity.de)
Bei den Gartner Security & Risk Management Summits 2017 in London gaben die Analysten weitere Einblicke in die IT-Sicherheits-Trends.
Gartner Releases the Hype Cycle for Cloud Security in 2017
Analysts Will Discuss Cloud Security at the Gartner Security & Risk Management Summits in London and Dubai
Rapid growth in cloud adoption is driving increased interest in securing data, applications and workloads that now exist in a cloud computing environment. The Gartner, Inc. Hype Cycle for Cloud Security helps security professionals understand which technologies are ready for mainstream use, and which are still years away from productive deployments for most organisations.
"Security continues to be the most commonly cited reason for avoiding the use of public cloud," said Jay Heiser, research vice president at Gartner. "Yet paradoxically, the organisations already using the public cloud consider security to be one of the primary benefits."
The attack resistance of the majority of cloud service providers has not proven to be a major weakness so far, but customers of these services may not know how to use them securely. "The Hype Cycle can help cybersecurity professionals identify the most important new mechanisms to help their organisations make controlled, compliant and economical use of the public cloud," added Mr Heiser.
At the Peak
The peak of inflated expectations is a phase of overenthusiasm and unrealistic projections, where the hype is not matched by successful deployments in mainstream use. This year the technologies at the peak include data loss protection for mobile devices, key management as-a-service and software-defined perimeter. Gartner expects all of these technologies will take at least five years to reach productive mainstream adoption.
In the Trough
When a technology does not live up to the hype of the peak of inflated expectations, it becomes unfashionable and moves along the cycle to the trough of disillusionment. There are two technologies in this section that Gartner expects to achieve mainstream adoption in the next two years:
Disaster recovery as a service (DRaaS) is in the early stages of maturity, with around 20-50 per cent market penetration. Early adopters are typically smaller organisations with fewer than 100 employees, which lacked a recovery data centre, experienced IT staff and specialised skills needed to manage a DR programme on their own.
Private cloud computing is used when organisations want to the benefits of public cloud — such as IT agility to drive business value and growth — but aren’t able to find cloud services that meet their needs in terms of regulatory requirements, functionality or intellectual property protection. The use of third-party specialists for building private clouds is growing rapidly because the cost and complexity of building a true private cloud can be high.
On the Slope
The slope of enlightenment is where experimentation and hard work with new technologies are beginning to pay off in an increasingly diverse range of organisations. There are currently two technologies on the slope that Gartner expects to fully mature within the next two years:
Data loss protection (DLP) is perceived as an effective way to prevent accidental disclosure of regulated information and intellectual property. In practice, it has proved more useful in helping identify undocumented or broken business processes that lead to accidental data disclosures, and providing education on policies and procedures. Organisations with realistic expectations find this technology significantly reduces unintentional leakage of sensitive data. It is relatively easy, however, for a determined insider or motivated outsider to circumvent.
Infrastructure as a service (IaaS) container encryption is a way for organisations to protect their data held with cloud providers. It’s a similar approach to encrypting a hard drive on a laptop, but it is applied to the data from an entire process or application held in the cloud. This is likely to become an expected feature offered by a cloud provider and indeed Amazon already provides its own free offering, while Microsoft supports free BitLocker and DMcrypt tools for Linux.
Reached the Plateau
Four technologies have reached the plateau of productivity, meaning the real-world benefits of the technology have been demonstrated and accepted. Tokenisation, high-assurance hypervisors and application security as a service have all moved up to the plateau, joining identity-proofing services which was the only entrant remaining from last year’s plateau.
"Understanding the relative maturity and effectiveness of new cloud security technologies and services will help security professionals reorient their role toward business enablement,” said Mr Heiser. "This means helping an organisation’s IT users to procure, access and manage cloud services for their own needs in a secure and efficient way.”
Visit the Gartner Digital Risk & Security hub for complimentary research and webinars.
Gartner clients can read full analysis on the technologies in this Hype Cycle in "Hype Cycle for Cloud Security, 2017." This research is part of the Gartner Trend Insight Report "2017 Hype Cycles Highlight Enterprise and Ecosystem Digital Disruptions." With over 1,800 profiles of technologies, services and disciplines spanning over 100 Hype Cycles focused on a diversity of regions, industries and roles, this Trend Insight Report is designed to help CIOs and IT leaders respond to the opportunities and threats affecting their businesses, take the lead in technology-enabled business innovations and help their organisations define an effective digital business strategy. (Gartner: ra)
Home & Newsletterlauf: 28.09.17
Gartner: Kontakt und Steckbrief
Der Informationsanbieter hat seinen Kontakt leider noch nicht freigeschaltet.
Ihr Compliance-Magazin.de-Newsletter hier >>>>>>