IT disaster recovery, cloud computing and information security news

Cyber security incidents and misconceptions both increase as critical ERP systems migrate to the cloud

The Cloud Security Alliance (CSA) has released the findings from its first research survey on ‘Enterprise Resource Planning (ERP) Applications and Cloud Adoption’. The study offers insight into cloud preparation and migration, the features and benefits gained, and the security and privacy challenges for ERP systems in a cloud environment.

According to the survey, 69 percent of organizations are migrating data for popular ERP applications to the cloud, moving to major cloud infrastructure-as-a-service providers, with the overwhelming majority, almost 90 percent, stating that these applications are business-critical.

In line with the top three migration concerns - moving sensitive data followed by security and compliance - the research finds that attackers are evolving, too. Over half of the survey respondents stated that they expect security incidents in the cloud to increase in the next year.

When it comes to accountability, there are troubling misconceptions: while 60 percent of survey respondents claim that they feel the cloud service provider is responsible for a breach, 77 percent believe that it is the responsibility of the organization itself to secure their ERP applications. Third-parties are held least accountable and responsible. This perception gap shows that organizations need to take more ownership of their cloud-hosted business-critical applications.

The study, which was sponsored by Onapsis, surveyed 199 managers, C-level executives, and staff from enterprises in the Americas (49 percent), APAC (26 percent) and EMEA (25 percent).

Other key findings included:

  • Americas (73 percent) and APAC (73 percent) were more likely to report that they were currently migrating business-critical applications to the cloud than those in EMEA, where regulations such as the European Union General Data Protection Regulation (GDPR) impacted organizational plans for technology purchases, cloud services, and third-party policies.
  • Companies are taking added measures to protect their ERP applications in the cloud, including identity and access controls (68 percent), firewalls (63 percent), and vulnerability assessment (62 percent).
  • On-premise models (61 percent) are employed most commonly, with cloud SaaS (41 percent), cloud IaaS (23 percent) and cloud PaaS (17 percent) following.
  • Listed among the benefits of moving to the cloud were scalability with new technologies (65 percent), lower cost of ownership (61 percent) and security patching and updating by the provider (49 percent). Barriers listed were moving of sensitive data (65 percent), security (59 percent), and compliance challenges (54 percent).

Read the full report (registration required).

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.