by Randy Davis, Vice President, eGistics
The primary reason companies cite for not taking advantage of Cloud services is concern about security. So it comes as a bit of a surprise when security analysts say, "Don't let security concerns stop you from migrating appropriate pieces of your IT operations to cloud-based services," as they did in a recent InformationWeek Analytics report of Cloud Security (5 April 2011). Of course this advice comes with fair warning about doing your homework, and hinges on the word "appropriate."
The authors of the report point out that better security is not a reason to move to the Cloud, but undue concerns about security is not a reason (in many cases) not to, either. Still, in a recent survey, 53% of 208 respondents not planning to move to the Cloud cite security as a primary reason for not doing so. The InformationWeek Analytics report suggests that their concerns may be misplaced, and based on old data.
The fact is, remote hosted services have been around for years, hosting billions of items of data for highly security-sensitive companies (like financial services companies processing check and credit card transactions) and doing so in a proven, secure environment. If financial processors trust your transactional payment data to the cloud, why wouldn't you trust, say, your business forms to the cloud?
Some Cloud providers can provide better security than you can, believe it or not. They've already addressed, through extensive cost, time and effort, the requirements of the Payment Card Industry, or SAS70, or HIPAA.
So the report concludes, it's not a matter of whether the Cloud is secure, it's a matter of (as in any business environment) whether your chosen partner has adequately addressed your specific security concerns. You may be pleasantly surprised to learn that they have.
Let us know if you agree, or whether you have security concerns that cannot be addressed by Cloud service providers.
