A reason commonly
cited against cloud adoption has been security and there are enough statistics
to suggest that about 50% of customers who were unwilling to move to the cloud
had stated data security as a reason.
However, per a Microsoft study, the reality is quite different
for those who have already adopted the cloud. The other advantages (such as
greater service availability, lower cost and quicker time to market) were
rather obvious but even data security has improved upon movement to the cloud
(at least true for small and medium enterprises). To put it simply, the cloud
has offered better security features that would otherwise have been very
expensive to implement on premise and that security systems always stayed up to
date is ensured as well. This was an observation in the Microsoft cloud
trust study (http://www.microsoft.com/en-us/news/download/presskits/security/docs/TwCJune13UK.pdf)
that stated that 91 percent of SMBs who have moved to the cloud have mentioned
that the security of their organization had been positively impacted as a
result of cloud adoption.
However, Gartner had something a little different to say
altogether in its news release in the last week, where it stated: “through 2015,
80 percent of IT procurement professionals will remain dissatisfied with SaaS
contract language and protections that relate to security“.
See http://www.gartner.com/newsroom/id/2567015 for the full press release. This
report mentions that terms on data recovery and data integrity should be as
clear as possible and stated upfront in the contracts that are signed, which
are really not the case currently.
On another note, in the backdrop of the PRISM revelations,
security on the cloud has become a much more discussed point (the volume of
these conversations have got a lot louder). However, unlike what conventional
thinking would like us to believe, this actually is leading to a huge opportunity
for markets where cloud adoption hasn't taken off yet really, such as Europe
for example. Local on-site clouds in various non-US localities could
start taking off and even nationalistic clouds in non-US geographies could
become a real possibility. European providers (who don’t come under US
jurisdiction) could start to take on the likes of Amazon. Simon Wardley, an UK
based researcher for the CSC had actually this to say: “Do I like Prism .. yes
and god bless America and the NSA for handing this golden opportunity to us.”
His blog goes on to state how this was going to benefit cloud adoption in
Europe: http://blog.gardeviance.org/2013/06/on-prism.html.
Cloud adoption is inevitable eventually but the verdict on security on the cloud
is still to be seen. However, we don't have to wait for very long to see
how this will turn out and according to me the PRISM episode is not only going
to help speed up the addressing of security concerns but also will impact the
adoption of the cloud positively.
