As with any technology, security is a chief concern in public cloud. Enterprises use a range of cloud security tools to keep their data safe, including those for encryption, access control, identity access management and threat detection. The tools an organization uses will vary based on its cloud deployment model, application requirements and more.
"One of the problems is that cloud security tends to be used as a homogenous term," said Garrett Bekker, senior analyst in the Enterprise Security Practice at 451 Research, an analyst firm in New York. "What you need for security for IaaS is a lot different than what you might need for SaaS."
For example, with IaaS, the enterprise relies on underlying hardware from a cloud provider such as AWS, but is responsible for securing the applications that run on that hardware. On the other hand, with SaaS, security responsibilities fall more on the SaaS provider itself.
Organizations must realize that their on-premises security strategy -- which is most likely based on building a wall around enterprise data -- will not always translate to the cloud.
"That perimeter-based approach really doesn't work in the cloud anymore because your employees can be anywhere," Bekker said.
To manage and monitor user identities and permissions across multiple devices and cloud platforms, organizations should use an identity and access management tool.
Most enterprises gravitate toward a multicloud model, so it's also important to remember that one cloud provider's security tools and features may not work for resources held by a different provider. To stay secure, use third-party cloud computing tools, as well.
"Even the cloud providers themselves will recognize that they're likely not able to secure everything" Bekker said. "A number of them have taken a partnering approach [where] they'll have certain features, but other things will rely on partners to fill in gaps."
Startups have dominated the third-party cloud security tool market, but legacy vendors such as IBM and Microsoft have moved into the space either by evolving existing security tools, developing new ones or through acquisition, Bekker said.