Many businesses are still not comfortable with the idea of storing sensitive and mission-critical data in the cloud, even as more experts claim that cloud-based services can provide equal, if not better, data protection than most on-premise solutions.
A new study from Massachusetts-based storage company Nasuni found that data security remains the greatest hurdle for widespread cloud adoption. In a survey of more than 450 IT decision makers in North America, 81 percent indicated they aren't confident in the cloud's security, while 48 percent expressed concerns with losing control of information stored in the cloud.
Nevertheless, the hype surrounding the cloud is proving too powerful to ignore, as Nasuni found 43 percent of surveyed IT executives plan to move data to hosted solutions within the next 12 months. On one hand, this could be the result of the highly publicized cost efficiency and performance benefits of the cloud. On the other, businesses might see no better option than to make the transition.
According to Chris Glew, product evangelist at Nasuni, even businesses still harboring concerns about the cloud may be better off making the migration sooner rather than later. In a press release, Glew stated that businesses that wait to deploy cloud-based services may find their employees adopting less secure, consumer-grade solutions without the blessing of the company.
"[IT executives] clearly understand the promise of cloud storage for cost savings, off-site backup, unlimited scale, simpler IT management and on-demand provisioning, but they are also rightfully concerned about the security of their data and whether they have control over it at all times," Glew said. "Unfortunately, this will not deter users who, eager to realize the benefits of cloud storage, are all too often willing to use consumer-oriented offerings without IT's permission."
Two questions that remain, however, are whether IT executives' concerns are valid and, if so, what can they do to counter such insecurities?
To the first point, more IT industry experts now claim that the cloud is not necessarily as insecure as some make it out to be. Increasingly, as companies become more familiar with the technology, they are realizing that some cloud solutions can actually bolster data security, as service providers have the resources and expertise to dedicate to protecting a customer's information more effectively than the customer itself. Additionally, the cloud can remove some of the security responsibility for the customer, allowing it to focus on other matters, like revenue generation.
However, this does not mean that cloud-based models are not impenetrable. Several cloud computing hacks have been highlighted in headlines this year, including attacks on Citigroup and Sony's PlayStation Network. Cloud outages, like the one that befell Amazon's Elastic Compute Cloud in April, have compounded fears, leading some companies to believe the cloud to be unreliable.
So, evidently, there is something behind concerns of the cloud. If a company cannot access its mission-critical data, it risks stalling operations and therefore losing business. Customers and business partners, as well, might see this as a vulnerability on the company's part, thus damaging its reputation.
This highlights the second question: What can companies do to counter the cloud's insecurities? As Nusani's report showed, employees are going to move to the cloud with or without the company's consent, so it would be better for the business to have some sort of action plan in place to prepare for this inevitability.
Perhaps the best way to ensure that mission-critical does not get accessed through the cloud is to not put it in the cloud to begin with. The cloud can be an ideal solution for reducing storage costs, but a company should be selective about what information it stores there. Less sensitive data that won't severely impact the business if it is lost or breached may be better suited for cloud-based solutions, while more critical information can be stored in-house or though measures with which the company is more comfortable.
Encryption, network monitoring and other access-controlled methods can add a further level of protection to information stored in the cloud. These can ensure that data isn't viewed by unauthorized parties, or if it is, they can identify where the data is being accessed from and whether it's internal or an external breach.
In a report released early this week, research firm Global Industry Analysts estimated that the global cloud computing services market would reach $127 billion by 2017, driven by desires for greater mobility and business continuity. So despite hesitation about the technology's data protection, it appears businesses will move ahead with their cloud deployments. Whether they will take the necessary steps to protect their data, however, remains to be seen.
Cloud Computing News from SimplySecurity.com by Trend Micro
