Though cloud computing has been on the rise for years, several obstacles still block its widespread adoption. Fear of the unknown is a major roadblock, as is compatibility with current IT systems. But the biggest inhibitor of the cloud, by far, is concern about its security.
A May 2011 study from the Ponemon Institute surveyed nearly 650 IT professionals and IT security practitioners and found that 47 percent do not believe that cloud services are evaluated for their security before being launched. An additional 68 percent indicated they believe the cloud is "too risky" to store financial information and intellectual property.
These types of findings have become fairly common, as study after study identifies security implications among the top concerns of the cloud. However, one expert recently suggested that the issue of cloud security is blown out of proportion, and that data protection can be achieved in the cloud as soundly as on any other IT system.
"Secure public clouds are very feasible, and may be more secure than a local IT environment, as cloud providers understand the importance of ensuring the privacy of customers' data and information and can do so in a more scalable way," Alan Dayley, senior director of product management at i365, an online backup services provider, told the Cloud Computer Journal in a recent interview.
Some businesses and consumers are going to continue looking to the cloud, regardless of security, to reduce overhead and improve IT capabilities. However, this doesn't remove the worry that data in the cloud is inherently less safe than that on traditional IT systems.
But, as Dayley suggested, this insecurity may be a misconception, and businesses should embrace the cloud knowing that their data is as safe – if not safer – than with other solutions.
Dayley isn't the first to proclaim the high data security capabilities of the cloud. As businesses become more familiar with the technology, more seem to be finding earlier concerns were unfounded – though not uncalled for, given the relative newness of the cloud.
Additionally, as the cloud continues to grow, vendors seem to be putting more emphasis on securing data, or at least putting more emphasis on marketing security in the cloud.
However, this does not remove the responsibility of the cloud customer from ensuring its data is adequately protected. While cloud vendors may be able to offer more comprehensive data protection capabilities, it is ultimately the clients' job to ensure sensitive information isn't leaked, as they are the ones that will see the backlash from any data breach or data loss incident.
To ensure the utmost security, there are several steps a company should take before choosing a cloud vendor. Top among these measures is evaluating the vendor and the service level agreement. This should clarify who has ownership over data stored in the cloud and, as an extension, who can access it.
Companies should also take inventory of their resources and determine what data is ready for the cloud. If a business is reticent about storing financial information in the cloud, the best approach may be to hold off until such concerns are allayed. Even if cloud vendors do proclaim high levels of security, experts says it is generally better for companies to go with what business leaders are most comfortable using.
Analyst firm MarketsandMarkets estimates that the cloud computing market will grow from $37.8 billion in 2010 to $121.1 billion in 2015. Whether businesses perceive the technology to be safe or not, they seem to be getting on board. As this trend continues, cloud vendors will either have to step up their security practices, or at least demonstrate that such practices are already where they need to be.
Cloud Computing News from SimplySecurity.com by Trend Micro