SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
DLP and IaaS container encryption hitting mainstream says Gartner
Mon, 11th Sep 2017
FYI, this story is more than a year old

Experimentation and hard work in data loss protection and infrastructure-as-a-service container encryption technologies are beginning to pay off for an increasingly diverse range of organisations, according to Gartner.

The two technologies have made it onto the ‘slope of enlightenment' on Gartner's 2017 Hype Cycle for Cloud Security, with the analyst firm forecasting both technologies to fully mature within the next two years.

The hype cycle aims to showcase which technologies are ready for mainstream use and which are still years away from productive deployments for most organisations.

Jay Heiser, Gartner research vice president, says security continues to be the most commonly cited reason for avoiding public cloud use.

“Yet paradoxically, the organisations already using the public cloud consider security to be one of the primary benefits,” Heiser says.

“Data loss protection is perceived as an effective way to prevent accidental disclosure of regulated information and intellectual property,” Gartner says.

“In practice, it has proven more useful in helping identify undocumented or broken business processes that lead to accidental data disclosures, and providing education on policies and procedures.

“Organisations with realistic expectations find this technology significantly reduces unintentional leakage of sensitive data,” Gartner says.

However, the company also notes that it is ‘relatively easy' for determined insiders or motivated outsiders to circumvent DLP.

Meanwhile Gartner says IaaS container encryption, which providers organisations with a way to protect data held with cloud providers by encrypting data from an entire process or application held in the cloud, is likely to become an ‘expected feature' offered by cloupd providers.

“Indeed Amazon already provides its own free offering, while Microsoft supports free BitLocker and DMcrypt tools for Linux.

The latest cloud security hype cycle see tokenisation, high-assurance hypervisors and application security-as-a-service joining identity-proofing services on the ‘plateau of productivity' – meaning the real world benefits of the technologies have been demonstrated and accepted.

Identity-proofing services is the only entrant remaining from last year's hype cycle plateau of productivity.

Disaster recovery-as-a-service and private cloud computing have both been relegated to the ‘trough of disillusionment' – when technology doesn't live up to initial hype and become unfashionable – though Gartner says it expects both to achieve mainstream adoption within the next two years.

Gartner notes DRaaS has around 20-50% market penetration.

“Early adopters are typically smaller organsiations with fewer than 100 employees, which lacked a recovery data center, experienced IT staff and specialised skills needed to manage a DR program on their own.

Gartner notes that the use of third party specialists for building private clouds – used when companies want the benefits of public cloud but aren't able to find cloud services which meet their needs in terms of regulatory requirements, functionality or IP protection – is growing rapidly because of the cost and complexity of building a true private cloud.

Data loss protection for moible devices, key management-as-a-service and software defined perimeter are among the technologies assigned to the ‘peak of inflated expectations' category, with Gartner noting the offerings will take at least five years to reach productive mainstream adoption.

"Understanding the relative maturity and effectiveness of new cloud security technologies and services will help security professionals reorient their role towards business enablement," Heiser says.

"This means helping an organisation's IT users to procure, access and manage cloud services for their own needs in a secure and efficient way."