Enterprises have quickly grown comfortable with both the concept of cloud, and their service providers' abilities to deliver secure and professional solutions with integrity, a new study by CloudPassage suggests.
As a result, organizations are adopting cloud, including 41 percent using public cloud servers for external applications -- a trend that will grow next year, the cloud server security provider found.
Andrew Hay, chief evangelist for CloudPassage, told me in an interview last week that within the past year, IT professionals have grown more comfortable with public cloud.
In 2011, the survey showed that 16.4 percent of respondents claimed that they had 'no security concerns' about utilizing public cloud architectures. That dropped to 5.5 percent in 2012, showing a healthy dose of skepticism and fear presented by cloud architectures.
The results of CloudPassage's report complement research firms' cloud spending projections: IDC, for example, predicts that $1 of every $5 will be spent on cloud-based software and infrastructure by 2016. Gartner expects software-as-a-service (SaaS) and cloud-based business applications will reach $32.2 billion that same year, compared with $13.4 billion in 2011.
For organizations to continue expanding their cloud investments, they must obviously be reaping their own returns on investment, and be satisfied with the partnerships they are forging -- especially in areas as sensitive as hosted data, applications, and datacenters.
CloudPassage's study supports this theory, in part because most of the 200-plus IT professionals who were polled have seen their cloud security fears assuaged over the past 12 months. That's not to say everyone is worry-free: 23 percent of those surveyed said they are concerned about the lack of perimeter defenses and network controls in the public cloud.
In last year's study, 44.7 percent of those queried voiced the same worries. Within a year, the percentage has dropped dramatically, to a point where today, more than three-fourths are comfortable that these security issues have been addressed.
The study found other ways enterprises are growing secure with cloud, including public cloud. Hay continued:
The biggest change from 2011's survey was the respondents' concerns about the provider having access to guest servers. 2012 showed that only 8.0 percent of respondents held this concern, compared to 24.3 percent in 2011.
The lack of perimeter defenses and/or network control responses slipped from 2011's 44.7 percent to 23.4 percent in 2012. This could be indicative of users growing comfortable with the lack of network-based security controls in cloud environments, or perhaps the responsibility for security was shifted to a third-party provider to manage.
IT departments may have increased their internal cloud education, perhaps retraining or adding new staff knowledgeable in cloud architectures, said Hay. Eighty percent of those surveyed were aware that security of their infrastructure-as-a-service (IaaS) cloud server is an internal responsibility, not their cloud service provider's, and that knowledge and preparation may generate a better sense of security.
According to Hay, organizations can take additional steps, especially surrounding compliance and regulatory concerns:
To better help their customers, auditors and assessors will need to ramp up their cloud knowledge ahead of official guidance from regulatory entities such as the PCI SSC. There are numerous training classes and free training resources available from well-respected organizations such as the SANS Institute, the Cloud Security Alliance, and other independent sources that can help expedite the knowledge transfer.
No matter what the deciding factor is -- trust in their cloud service providers, more internal cloud expertise, partnership with a security provider, or a combination of reasons -- it's apparent that members of the cloud community are stepping up to empower organizations to securely implement this compelling technology.
I have used many cloud services in the enterprise. While more IT support can be good I still worry about management - account management; pruning access to former employees; services with one account and shared passwords; backup policies etc.
Allowing cloud services and managing cloud services are two different things.
Well there you are, Kim. Exactly, which is what can happen if you don't understand and design the redundancies necessary to maintain and deliver that trust. That's exactly why many need more information.
Agreed, Mich. A clear definition, and maybe a couple of architectual designs, that show the advantages and disadvantages of different designs, would advance the adaptation and wider spread use.
I agree with Kim and you, migration to the Cloud seems the way to go, but I would add that besides design and development, companies need information, clear information on what is the Cloud, how to choose a Cloud provider, and what this migration implies. At www.bell.ca/enterprise/EntPrd_Inf_Landing.page you can find some white papers and assessment tools
I wonder if IT is getting *too* comfortable. Are they taking appropriate security, liability, regulatory, privacy, disaster recovery, and other precautions?
23% are worried -- but are they taking appropriate action?
I suspect that more and more functions will migrate to the cloud, almost without businesses realizing it; that people will wake up one day to find that security concerns, though real, didn't stop cloud adoption.
With nearly one in four expressing security concerns about cloud services, one wonders how long it will take before that percentage goes way down. With such a significant number showing some concerns, it may take years before most feel comfortable in the cloud.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Precor, which makes exercise equipment for gyms and homes, needed to transform itself into a cloud services provider in order to keep up with the changing demands of its customers.
Like other leading technology-using businesses, Walmart is starting to look like a vendor in its integration of the latest technologies to serve its customers. That's what led it to buy two Silicon Valley cloud startups this week.
IT executives are worried about business units that use social media, Dropbox, Skype, and other public clouds without working through IT. This "cloud sprawl" creates concerns about security, compliance, and other potential problems for the enterprise, according to a study.
Cloud computing helped Netflix score a big win this week, meeting a thousandfold increase in demand and driving the Internet video service provider back to profitability. It provided Netflix with "availability, scalability, and cost savings," chief executive officer Reed Hastings wrote in a letter to shareholders.
Multi-tenant clouds assure security for clients, but not necessarily for their ideas. Here's one thing you should discuss with your cloud provider before you sign on.
With 24/7 processing and business continuation paramount, more organizations are considering having three datacenters, where primary and secondary datacenters are in their immediate region and a third is in a remote geography. Why? To avoid repercussions of a major disaster that could hit every IT resource in a specific region.
What kinds of companies are doing the most innovation in the data center? Turns out it's midtier enterprises that are taking the "Just Right" approach.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Cisco's rumored sale of Linksys suggests we may have problem with innovation and profit at the edge of our Internet, and that could be critical to the evolution of many Internet-delivered services.
Enterprises are discovering that using social networking within the secure setting of a SaaS provider's network gives them an unusual opportunity to freely collaborate with partners, suppliers, and even competitors.
All the recent hoopla about cloud security overlooks an important point, which is that it's not strictly a cloud problem. The linkage of online services into cooperative chains creates the risk, and only biometrics and federation of providers can save us.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
Email This
