Cloud computing has the potential to revolutionize our IT needs, allowing companies of all shapes and sizes to cut their IT budgets without compromising their technology requirements. However, take up for cloud computing has been slow and it would seem that security fears at the heart of it.
Many businesses are turned off from using public cloud services whilst fears over the security of sensitive data and applications exist. Public cloud hosting services are now well established but experts still point to it taking up to 2 years for all potential risks to be identified and security improved sufficiently for businesses and enterprises to have enough confidence to use a cloud service.
Even the release of a summary of the strategic security issues within a cloud service by the Cloud Security Alliance (CSA) has done little to allay fears. This report issued earlier this year looked at the strategic and tactical security issues facing any data center which provides cloud hosting services, along with recommendations to deal with them.
Despite the low uptake, confidence within the industry is growing as the biggest security firms have issued notice of pending product launches which are aimed at solving many of the problems associated with cloud hosting. For customers this is a big change in the way security issues are being addressed as typically they are forced to take up a new service before any consultation on security has occurred. Instead of dealing with security problems on a ‘as they happen’ basis, they are instead looking at security pro-actively and putting measures in place before businesses take up a service.
A study by Aberdeen Group’s Derek Brink was published in July of this year. The study called ‘Security and Cloud Best Practices’ talked to 110 IT business, yet almost half of these said they were pushing cloud providers to apply adequate security measures before they will switch. Trust within the industry is fairly low at present however, analysts do point out that there is little evidence to show that security within a public cloud is poor.
In the fact, studies have proven that cloud hosting structures provided today are often more secure and able to deal with any attacks far better than most private networks. But businesses are still reluctant to sign up with less than 170 of 500 surveyed by IDC in August of this year saying they thought a cloud hosting provider’s security was more secure than their own in-house architecture. This comes in direct conflict with those who have made the move to cloud services who say they are confident that their providers offer better security than their own IT department could deploy.
It would appear then that there is still some confusion about cloud hosting and the level of security if can offer. Providers have done little to build confidence with most remaining silent about their security measures, partly because they do want to divulge those practises which give them an advantage over their competitors and partly because divulging their security practises could leave them open to attack.
This it seems could be the deep rooted problem. If providers are not forthcoming about their security practises and the depth to which they run then businesses will not be satisfied that a provider is doing enough to ensure security of data and critical applications within a cloud environment. It may only be through certification by third parties such as ISO 2077 that businesses will gain sufficient confidence that providers will deliver on their security promises to take up cloud services.
News article written by Georgina Clatworthy, a freelance writer working on subjects related to business, IT and technology. I am not associated with Quality Tech but I can recommend them for secure hosting services to suit any business need.
