Ovum Cloud Security
Tim Jennings, an Ovum analyst, has declared that although there are many fears surrounding the security of the cloud, the increasing number of data breaches is more likely to influence enterprise transition to the cloud. This trend exemplifies the increasing level of maturity of the cloud environment. Jennings commented in a blog,” “Given that data security and privacy concerns have been an inhibitor during the early stages of cloud adoption, it is somewhat ironic that the continued spate of high-profile customer data breaches is likely to push more enterprises toward cloud services. One can envisage, therefore, pointed conversations within boardrooms as CIOs and chief security officers are questioned about the likelihood of their organizations being the next to suffer reputational damage through the exposure of customer data. Many organizations will conclude that using the expertise of a third party is a more reliable approach than depending on in-house resources.”
To a certain extent, some degree of vulnerability will always be prevalent. Jennings added, “Many have been like rabbits caught in the headlights, seemingly having little insight into the root cause of the failure, the extent of the consequences, or the actions required for remediation.”
Outsourcing to modern cloud providers appears to be the logical move. Cloud providers have invested large amounts of money into the security sector, covering areas from the physical security of a center to encryption of customer data and advanced security intelligence.
While it is unrealistic for large companies to replicate this sophisticated cloud environments created by experts, adopting a public cloud environment is not always safer. “It may be that enterprises prefer to use either an on premise or virtual private cloud, while still taking advantage of a specialist provider’s management and security capabilities. Nor does it mean that the responsibility for security and customer data passes away from the enterprise—even though the delivery of these capabilities is in the hands of the third party, governance and control must be retained in-house.”