Cyber security incidents and misconceptions both increase as critical ERP systems migrate to the cloud
- Published: Thursday, 17 January 2019 09:16
The Cloud Security Alliance (CSA) has released the findings from its first research survey on ‘Enterprise Resource Planning (ERP) Applications and Cloud Adoption’. The study offers insight into cloud preparation and migration, the features and benefits gained, and the security and privacy challenges for ERP systems in a cloud environment.
According to the survey, 69 percent of organizations are migrating data for popular ERP applications to the cloud, moving to major cloud infrastructure-as-a-service providers, with the overwhelming majority, almost 90 percent, stating that these applications are business-critical.
In line with the top three migration concerns - moving sensitive data followed by security and compliance - the research finds that attackers are evolving, too. Over half of the survey respondents stated that they expect security incidents in the cloud to increase in the next year.
When it comes to accountability, there are troubling misconceptions: while 60 percent of survey respondents claim that they feel the cloud service provider is responsible for a breach, 77 percent believe that it is the responsibility of the organization itself to secure their ERP applications. Third-parties are held least accountable and responsible. This perception gap shows that organizations need to take more ownership of their cloud-hosted business-critical applications.
The study, which was sponsored by Onapsis, surveyed 199 managers, C-level executives, and staff from enterprises in the Americas (49 percent), APAC (26 percent) and EMEA (25 percent).
Other key findings included:
- Americas (73 percent) and APAC (73 percent) were more likely to report that they were currently migrating business-critical applications to the cloud than those in EMEA, where regulations such as the European Union General Data Protection Regulation (GDPR) impacted organizational plans for technology purchases, cloud services, and third-party policies.
- Companies are taking added measures to protect their ERP applications in the cloud, including identity and access controls (68 percent), firewalls (63 percent), and vulnerability assessment (62 percent).
- On-premise models (61 percent) are employed most commonly, with cloud SaaS (41 percent), cloud IaaS (23 percent) and cloud PaaS (17 percent) following.
- Listed among the benefits of moving to the cloud were scalability with new technologies (65 percent), lower cost of ownership (61 percent) and security patching and updating by the provider (49 percent). Barriers listed were moving of sensitive data (65 percent), security (59 percent), and compliance challenges (54 percent).
Read the full report (registration required).