European organizations view security as their number one priority when moving workloads to the cloud, but many are failing to take advantage of native security and compliance tools, according to Sumo Logic.
The log management and analytics firm gathered data from over 1500 customers around the world and found that just 43% of European firms used Amazon Web Services CloudTrail tool, compared to over 51% in the US and 58% in Australia.
This is a missed opportunity, especially when firms are increasingly using new technologies like containers which could be exposing them to greater risk, according to the vendor.
In fact, Docker adoption in AWS is higher in Europe than US or Australia — nearly 27% of firms in the region are running the popular container platform, versus 24% in the US and 18% in Australia.
Adoption of serverless computing service AWS Lambda has almost doubled globally from 12% of Sumo Logic customers in 2016 to 24% in 2017.
Unlike traditional VMs and workloads, which can be updated, containers are replaced in order to deliver security patches, but their sheer volume and the fact that they are only temporary can expose them to attack.
Reports recently emerged of hackers exploiting unsecured containers to install crypto-mining malware, for example.
Sumo Logic’s CTO, Christian Beedgen, argued that the biggest cloud security challenge is cultural.
“Developers can implement their applications on cloud and scale up really quickly, but this can lead to security processes and procedures getting overlooked,” he told Infosecurity.
“NoSQL and other databases have to be implemented securely, and they have to be encrypted. These are basic steps that AWS and the like support, so it’s a case of making use of the tools that are available.”
Other tools offered by the public cloud giants which organizations should be taking advantage of include: automated security assessment service Amazon Inspector, IP traffic monitor Amazon VPC Flow, unified security management and threat protection service Azure Security Center and remote network monitoring service Azure Network Watcher.
Beedgen also pointed to functionality allowing automated set-up of roles with minimum privileges, and AWS Key Management Service (KMS) to ease data encryption.