2012 Survey Indicates the Need to Ease Public Cloud Security Concerns, by Netpremacy - Google Enterprise Premier Partner

Share Article

Findings from a survey conducted by Google and IT Business Edge in 2011 conclude that the biggest issues preventing movement to the cloud are security, privacy and overall costs. These results coincide with the results of a survey of more than 150 chief information officers (CIOs) conducted by storage services specialist Mezeo Software.

This [results from survey] clearly demonstrates that for many organizations the economic benefits of using the cloud outweigh the security concerns. Larry Ponemon, chairman and founder @ Ponemon Institute

Results from this survey suggest the ‘worry factor’ over data leakage onto the public cloud was high with more than 80 percent of respondents rating their concern as an eight or higher on a scale of one to 10, with 10 representing ‘keeps me up at night’. Although it could be argued that employees’ personal decision to use public cloud services and the rise of bring your own device (BYOD) initiatives could be partially to blame for this as these factors were top concern of the CIO respondents. In addition results showed that only 42 percent of respondents said they were actively preventing data from being stored on public clouds.

According to Ponemon Institute 82 percent of organizations already transfer, or plan to transfer, sensitive or confidential data into the cloud environment.

The global study of 4,000 business and IT managers conducted by the Ponemon Institute examines perceptions and current practices surrounding the threats and protection issues relating to sensitive or confidential data in the cloud. Larry Ponemon, chairman and founder comments on the findings: “It’s a rather sobering thought that nearly half of respondents say that their organization already transfers sensitive or confidential data to the cloud even though thirty-nine percent admit that their security posture has been reduced as a result. This clearly demonstrates that for many organizations the economic benefits of using the cloud outweigh the security concerns."

A few key questions to ask yourself when considering a move to the cloud:

  •     How beneficial would it be to further consolidate your security services?
  •     Will the network security solution support your business uptime goals?
  •     What level of protection will your firewall provide?

Organisations have the capability to elevate their migration to public cloud by deciding how relevant an application is as well as the level of security that is needed.
An article by Nari Kanan of PC Advisor provides 10 ways to strengthen public cloud security to support enterprise use, here are a few detailed below.

Evaluate and add security, if necessary.
Cloud service providers (CSPs) provide significantly different levels of public cloud security. The ISO/IEC 27000 series of standards, provides guidelines for systematically examining information security risks, taking into account the threats, vulnerabilities and impacts, for designing and implementing a comprehensive suite of information security controls, and for adopting management processes to ensure that guidelines are followed. Organizations considering moving sensitive applications and data to the public cloud may need to evaluate and compare different CSPs based on these standards. If necessary, security measures that are used in an organization's internal private cloud may need to be extended to their public cloud instances.

Put Security at the Forefront of Your SLA.
How would a CSP customer ever come to know of security breaches? CIOs must ensure they understand how CSPs know when and where security breaches occur. Learn about Google Apps’ SLAs.

Add Encryption.
Organisations are within their rights to employ their own encryption instead of, or in addition to, the ones provided by the CSP. While the CSP will encrypt information that is sent over the public Internet and stored in the public cloud, the CSP will be providing the encryption key. This can make organization uncomfortable. A number of installable products or SaaS vendors can do this type of encryption on the fly. When this happens, only the customer and the third party know the key; the CSP does not.

Spread Risk with Multiple, Redundant CSPs.
It is common practice to procure high-bandwidth Internet connections for an organisation’s data center from multiple vendors, precisely because the need to spread the risk of outages among many providers is high. If one is down, the other has a good chance of being available.

“Finding the right balance between security and performance can be difficult, but achieving it will give your organisation peace of mind”.

Nari Kannan is CEO of appsparq, a Louisville, Kentucky-based cloud and mobile applications consulting company.

AppsCare®, Google Enterprise Premier Partner is a world leader in cloud services provisions, supporting over 2500 customers in 33 countries. AppsCare® comprise 10+ years’ experience deploying technical solutions for organisations of all sizes and geographies utilising their GStall delivery methodology and AppsCare® support programmes. To subscribe to their fortnightly newsletter click here.

Follow @Netpremacy | Follow @AppsCare

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Sophie Woodman
Follow us on
Visit website