Information Age: News, analysis & insight for IT & business leaders

Trusting the cloud

16 April 2010  Daniel Shane

The information security concerns holding back the adoption of cloud computing must be addressed with selective adoption, supplier strategy and service level negotiation

Information security concerns consistently rank as the chief barrier to the adoption of cloud computing services – whereby computing functions are sourced from third parties over the web on a highly scalable, utility-billing basis.

A recent survey by IBM is one of many to have reflected this: it found that 80% of CIOs listed security as their chief concern in assessing the viability of cloud services.

And many of those companies that have already adopted cloud computing still have security concerns. A study published by security association ISACA in March 2010 showed that 40% of UK organisations have deployed some of their IT infrastructure into the cloud, but also that a quarter of cloud adopters still feared that information security risks – in the broadest sense, ranging from the danger of data theft through availability and uptime to data protection and compliance issues – may outweigh the potential advantages.

Despite the widespread concern, the issue of cloud security is far from cut and dried. Some organisations even see the cloud as a security benefit: an investigation by standards body The Open Group found that some members had adopted cloud services as a way to overcome the lack of security of their own infrastructure.

Much of the discussion surrounding cloud security is based on supposition; there have been few public examples of cloud computing data breaches. One example is a ‘technical glitch’ at a subsidiary of Microsoft in October 2009 that resulted in the deletion of thousands of users’ mobile phone contact books hosted in external data centres.

But cloud computing services are still young, and high-profile data breaches and privacy scares have made business and public sector IT leaders a cautious breed. The widespread concern surrounding cloud security, combined with often contradictory views and opinions, represents a stumbling block for what many see as the natural evolution of the IT industry.

“There is a lot of fear, uncertainty and doubt surrounding cloud and the risks of security,” says Ray Stanton, head of global business continuity at BT Global Services. He adds that this must be resolved if businesses are to take full advantage of the available benefits: “We have to demystify this.”

Securing the cloud

Many security experts agree that, while it always pays to be cautious, there is nothing inherently insecure about handing data to a third party via the web. Indeed, some argue that the large cloud computing providers are more likely to have developed dependable security procedures than their customers.

“The risk of data theft is fairly minimal,” says John Colley, EMEA director of security professionals association (ISC)2, who explains that it is in a vendor’s best interests to enforce data security. “In terms of protection, the cloud provider has more riding on its services not being compromised than any one individual customer has.”

Continued...


Comments  [1]

Lindsey Kerr
Tuesday 11th May 2010

Daniel makes the important point that cloud computing is still young... but it is coming, and I think it’s about time we embrace it. One provider I work with, PineApp, provides security systems, and had the bright idea to provide their whole line, in addition to hardware products, as SaaS and cloud services, bringing their tested security policies and successful data protection onto the cloud. As a market analyst, I believe this is the current direction of enterprise computing, and the sooner we accept it, the better for us and for the fast development of secure cloud products.

Report this comment »

People who read this also read...

 

White Papers

Read article

'Think Lean' When Developing Management System Documentation

Learn how to efficiently and effectively implement a document management system for your organization.

Read article

11 Hiring Trends for 2011

In this document, you'll get the insider info you need to give potential employers what they want and beat your competition in 2011. You'll learn about the most valuable certifications and the game-changing skills that can lead to more job security and stability.

Read article

12 Hiring Manager Secrets to Getting the IT Job You Want

Learn how you can make yourself a more attractive candidate now with PrepLogic's free 12 Hiring Manager Secrets to Getting the Job You Want.

More

More Features

A problem shared

Unlike the cyber criminals they are trying to combat, police forces, governments and private businesses struggle to collaborate effectively

The wisdom of clouds

A report from Information Age's Cloud Security 2011 conference, including three cloud security case studies

Security detail

New research from Information Age identifies the security practices, processes and technologies that organisations are adopting to protect their information

Defending the nation

Does the UK have the skills to protect itself in cyberspace?

More Features »

Related articles

Changing the barrels

Pub and restaurant operator Mitchells & Butlers recently switched its data centre and network outsourcing supplier to achieve more scalable, outcome-based IT services

What are IT leaders thinking?

Information Age's 2012 reader survey reveals the UK IT management profession's priorities for the coming year

Cloud computing – still gathering

Cloud computing did not see a landslide of adoption in 2011, but concrete examples of cloud in action are now abundant

How to migrate applications to the cloud

Four ways to migrate applications to the cloud, with Gartner analyst Richard Watson

Advertisement
div class="banner">