SCCyberworld

Tuesday, March 5, 2013

Symantec Survey in Malaysia Reveals Upsurge in Rogue Clouds and Other Hidden Costs


KUALA LUMPUR, Malaysia – March 5, 2013 – Organisations in Malaysia are widely migrating to the cloud to gain competitive advantages around speed, agility and flexibility according to the Malaysia findings of Symantec Corp’s. (Nasdaq: SYMC) recent Avoiding the Hidden Costs of Cloud 2013 Survey. In fact, 99 percent of organisations in Malaysia  are at least discussing cloud, up from 70 percent about a year ago. Other key survey findings showed enterprises and SMBs are experiencing escalating costs tied to rogue cloud use, complex backup and recovery, and inefficient cloud storage. Rogue clouds are defined as business groups implementing public cloud applications that are not managed by or integrated into the company’s IT infrastructure.

Industry experts predict several key issues will arise in 2013 focused on the financial pressures and security challenges of cloud computing. Business continuity is seen as an important issue with the increase in cloud outages posing greater risks than security breaches. An outage may impact businesses and pose important concerns around data loss prevention, backup, time spent on data recovery and the associated costs. However, with advance preparation, organisations can build safe, agile and efficient clouds that will enable them to meet their business goals.


 (from left):Dave Elliot, Senior Product Marketing Manager, Global Cloud Marketing, Symantec. Nigel Tan, Director of Systems Engineering, Symantec Malaysia.


“A majority of businesses in Malaysia are at least discussing cloud as the benefits in improving agility and reducing costs are clear. However, in a rush to implement cloud, there are a host of hidden costs unwary organisations may face. The hidden costs of cloud implementation can negate the benefits if not properly contained,” said Nigel Tan, director of Systems Engineering at Symantec Malaysia.

“By taking control of cloud deployments through foresight and planning, companies in Malaysia can seize advantage of the flexibility and cost savings associated with the cloud, while minimising the data control and security risks linked with rogue cloud use,” Tan added.

“Wherever companies go with clouds, we will provide the protection and control they need across public and private cloud environments. Symantec’s vision is for safe, agile and efficient clouds. In five years, companies will operate in a converged IT world of cloud, virtualisation and mobile computing where clouds are safe. IT organizations will have better visibility, control and compliance across their private and public clouds,” said Dave Elliott, Symantec’s senior product marketing manager for Global Cloud.

“To achieve this safe clouds environment, the IT industry needs to enforce rigorous cloud strategies around the protection of policy, information, people and infrastructures. Symantec’s comprehensive portfolio provides companies of all sizes a variety of cloud solutions to address their specific needs and current IT environments.”

Rogue Cloud Implementations
According to the Malaysia findings of the survey, rogue cloud deployments are one of the cost pitfalls. It is a surprisingly common problem, found in 95 percent of businesses in Malaysia within the last year. It also seems to be an issue experienced more by enterprises, due to their larger company size, than SMBs.

Among organisations who reported rogue cloud issues, 47 percent experienced the exposure of confidential information, and 40 percent or more faced defacement of Web properties, stolen goods or services, and account takeover issues. The most commonly cited reasons for undertaking rogue cloud projects were to save time and money.

Cloud Backup and Recovery Issues
Cloud is complicating backup and recovery. First, 59 percent of organisations in Malaysia use three or more solutions to backup their physical, virtual and cloud data—leading to increased IT inefficiencies, risk and training costs. Furthermore, almost half (47 percent) percent of organisations in Malaysia have lost cloud data, and most (83 percent) have experienced recovery failures.

Finally, most see cloud recovery as a slow, tedious process. Only about one fourth (27 percent) of organisations in Malaysia rate this as fast and 22 percent estimate it would take three or more days to recover from a catastrophic loss of data in the cloud.

Inefficient Cloud Storage
One of the key advantages to cloud storage is how simple it is to provision. Sometimes this simplicity leads to inefficient cloud storage. Generally, organisations strive to maintain a storage utilisation rate above 50 percent. According to the survey, cloud storage utilisation globally is surprisingly low at 17 percent. There is a tremendous difference in this area between enterprises globally (which are utilising 26 percent of their storage) and SMBs (which is a shockingly low seven percent). Furthermore, within Malaysia, just over half admit very little, if any, of their cloud data is deduplicated, further compounding the problem.

Compliance and eDiscovery Concerns
According to the survey, 64 percent of organisations in Malaysia are concerned about meeting compliance requirements in the cloud, and a slightly larger number (71 percent) are concerned about being able to prove they have met cloud compliance requirements. This concern about information in the cloud is well founded, as 39 percent of organisations have been fined for cloud privacy violations.

eDiscovery is creating additional pressure on businesses to quickly find the right information. About half (51 percent) of businesses in Malaysia reported receiving eDiscovery requests for cloud data. Of those, almost two-thirds (61 percent) have missed their cloud discovery deadlines, leading to fines and legal risks.

Data in Transit Issues
Organisations have all sorts of assets in the cloud – such as web properties, online businesses or web applications – that require SSL (Secure Sockets Layer) certificates to protect the data in transit whether it is personal or financial information, business transactions and other online interactions. The Malaysia findings of the survey showed companies found managing many SSL certificates to be highly complex: Just 33 percent rate cloud SSL certificate management as easy and only 48 percent are certain their cloud-partner’s certificates are in compliance with corporate standards.

Hidden Costs Are Easily Avoided
The survey shows ignoring these hidden costs will have a serious impact on business. However, these issues are easily mitigated with careful planning, implementation and management:
Focus policies on information and people, not technologies or platforms
Educate, monitor and enforce policies
Embrace tools that are platform agnostic
Deduplicate data in the cloud

Symantec’s Avoiding the Hidden Costs of Cloud 2013 Survey
Symantec’s 2013 Cloud Survey is a result of research conducted by ReRez in September-October 2012. The full study represents 3,236 organisations from 29 countries, including 150 organisations in Malaysia. Responses came from companies with a range of five to more than 5,000 employees. Of those responses, 1,358 came from SMBs and 1,878 came from enterprises.



赛门铁克马来西亚调查显示不合格云端服务(Rogue Clouds)及隐形成本暴增

马来西亚吉隆坡 – 2013年3月5日 – 赛门铁克公司(Nasdaq: SYMC) 近日发布的《2013年云端隐形成本调查》(Avoiding the Hidden Costs of Cloud 2013 Survey)马来西亚数据显示,马来西亚企业广泛迁移至云端以获取速度、敏捷度和灵活性方面的竞争优势。事实上,99%的马来西亚企业已开始讨论云端技术,比率超越了一年前的70%。此调查的另一项重要发现显示,大企业和中小型企业都面对着不合格云端服务(rogue cloud)、复杂的备份和复原、以及云端存储效率欠佳等问题,因而造成成本增加。不合格云端服务定义为企业采用并非由公司资讯科技部门管理,也没有与资讯科技基础建设整合的公共云端应用。

业界专家预测,2013年即将崛起的几项重要问题主要围绕在云端计算的财务压力和保安挑战等范畴。随着日趋频繁的云端服务中断事故会引发比安全漏洞更大的风险,维持业务持续性被视为重大议题。云端服务中断将对业务造成影响并引发各项重大关注,其中包括:预防数据遗失、备份、数据复原及相关成本等等。然而,在事前作好准备的情况下,企业则可以建立安全、灵活、高效,同时又能满足其商业目标需求的云端服务。

“由于云端服务在提高灵活运用和降低成本方面的效果显著,因此大部分马来西亚企业都在讨论云端服务。但是,未经谨慎考量而太过仓促实施云端服务的企业可能会面对大量的隐形成本问题。如果没有妥善处理,这些隐形成本会导致云端服务的好处被否定。”马来西亚赛门铁克系统工程总监陈善龙表示。

“通过谨慎考量和完善规划来掌控云端服务部署,企业可以充分利用云端服务灵活性和节约成本,同时最大限度减少不合格云端服务带来的数据控制和安全风险。”陈先生补充说明。

“当企业决定采用云端服务,我们将为它们提供公共云端和私人云端环境所需要的保护和监控。赛门铁克的愿景是提供安全、灵活及高效率的云端服务。未来5年,企业将进入汇合云端、虚拟化和行动运算的资讯科技运作环境,资讯科技部门对于公共云端和私人云端将拥有更好的能见度、管理和法规遵循能力。”赛门铁克全球云端资深产品市场经理Dave Elliot表示。
“为了实现安全云端环境的愿境,资讯科技领域必须进一步强化政策保护、资讯、人力和基础设施方面的严格云端策略。赛门铁克拥有完善全面的解决方案,可以为各类型企业提供多元化云端服务方案,以满足企业的特别需求和现有资讯科技环境。”

不合格云端服务部署
这项调查的马来西亚数据显示,不合格云端服务是最大的隐形成本之一。令人惊讶的是这居然极其普遍,多达95%的马来西亚企业在去年曾遇到这个问题。由于公司规模比较庞大,这个问题对大型企业的影响超过了中小型企业。

在呈报遭遇不合格云端服务问题的企业中,47%表示发生机密信息泄露的情况,40%或以上的企业经历网站内容被窜改、货品或服务被盗窃,以及帐户盗用等问题。企业采用不合格云端服务最常见的原因则是节省时间和金钱。

云端备份和复原问题
云端计算将备份和复原变得更为复杂。首先,59%的马来西亚企业采用三个或更多的解决方案来备份其实体、虚拟和云端数据,这种情况导致资讯科技效率降低、增加风险和培训成本。此外,大约半数 (47%) 马来西亚企业曾面临过数据丢失的事件,而大部分企业 (83%)经历过数据复原失败的情况。
最后,大部分企业都认为云端数据复原是一个缓慢、冗长的过程,只有四分之一(27%)的马来西亚企业评定此过程迅速,而22%则预计必须耗费三天或更长时间才能将遭受灾难性损失的云端数据复原。

云端存储效率欠佳
云端存储的关键优势之一在于其部署过程简单,但这个优势有时却会导致云端存储效率欠佳。一般情况下,企业会设法把存储利用率维持在50%以上。根据这项调查显示,全球云端存储的利用率却出乎意料低至17%。在这方面,全球大企业(存储利用率达至26%)和中小型企业(低至让人惊讶的7%利用率)存在巨大差距。另外,超过半数的马来西亚企业承认,它们很少进行云端数据的重复删除技术操作,让有关问题变得更为复杂。

法规遵循与电子搜证(eDiscovery)考量
调查显示,64%的马来西亚企业担心能否符合云端服务的法规要求,更多企业(71%)担忧无法证明已经符合云端法规遵循的要求。事实上,39%企业曾因违反云端私隐权规定而被罚款,因此企业确实有必要关注法规遵循问题。

电子搜证(eDiscovery) 可以快速地找到正确的资讯,但也为企业带来额外压力。超过半数(51%) 的马来西亚企业呈报曾被要求进行云端搜证以提供云端资料,其中有三分之二 (61%) 错过了云端搜证的期限,因而面临罚款和法律风险。

数据传输问题
企业在云端存储各种企业资产(例如:web属性、在线业务或web应用),无论是个人信息、财务资料、商业交易或其他在线业务,这些都需要安全套接层(Secure Sockets Layer,简称SSL)证书来保证数据传输的安全。

这项调查的马来西亚数据显示,企业认为管理大量SSL证书相当复杂,仅有33%评定云端服务SSL证书管理相对简单。另外,确定其云端服务合作伙伴证书符合企业标准的也仅占48%.

轻松避免隐形成本
调查显示,忽略这些隐形成本将对业务产生严重的影响。但是,谨慎周密的规划、实施和管理能够轻松减少这些问题:

将策略重点放在信息和人,而不是技术或平台。
教育、管理并监督策略实施 。
采用不受平台限制的工具。
对云端数据进行重复数据删除。

关于赛门铁克2013年云端隐形成本调查
赛门铁克2013年云端隐形成本调查是由ReRez於2012年9月至10月期间进行的研究。整个调查涵盖了来自29个国家的3,236家企业,其中包括了150间马来西亚企业。受访企业的员工人数介于5人至5,000人以上。这些企业中包括1,359间中小企业及1,878家大型企业。

No comments: