PIMN voor beter identity management
Blog CASecurity, or lack thereof, is one of the largest reported inhibitors to cloud adoption.
But recent research conducted in part by Vanson Bourne on behalf of CA Technologies showed otherwise – security wasn’t really an issue for organizations with at least one year of cloud computing experience.
Vanson Bourne director Kevin Withnall and project manager Jimmy Mortimer offer their take on the real story with cloud and security.
In this survey of 542 organizations worldwide, security didn’t seem to be as much of an issue as it is widely reported to be. How do you explain the discrepancy between perception and reality?
JM: We were interviewing those organizations that had adopted cloud or in the process of adopting cloud.
If we’d focused on those organizations that have yet to adopt cloud, I think almost certainly the prime or at least one prime reason for not adopting would have been security.
Security, as other studies have shown, would have definitely been the largest concern and the largest reason for not adopting cloud.
What happens between evaluating cloud and adopting cloud that creates such opposing views regarding cloud security?
JM: A certain change has taken place over the last few years. Organizations are naturally very nervous about moving their data offsite; they have security worries about whether they will be able to access the vital data if it’s out of their control and in some cases, they are worried about other people accessing their data who shouldn’t.
But as industries have become more educated and more accustomed to using cloud, they’ve realized that their security concerns are either being dealt with or are, in fact, perhaps unfounded.
As more organizations adopt cloud, does security become less of a perceived issue?
JM: This is probably due in part to cloud suppliers pushing their message out about how security is not a concern, communicating this more clearly to potential customers.
But at the same time, organizations have had some experience with the cloud and perhaps have been able to deal with the security concerns directly.
I think security is still an issue for those who have not adopted cloud and it is seen as a potential barrier to adoption.
In reality, however, security is not a major challenge and it certainly isn’t as big a challenge as it once was.
The same research that showed respondents saying security was better in the cloud in some cases, still listed security as the number one reason not to move an application to the cloud. How do these data points coexist?
KW: Security is still a challenge for those who haven’t yet adopted cloud and probably for those that are in their early stages of cloud adoption, say, the first six months or so.
They are still not using mission-critical apps in the cloud; they’re still in the test and development phase. They are doing that because if there are any security issues, they can control the damage.
I still believe security is the underlying issue that prevents organizations from moving to the cloud and prevents full uptake of cloud within an enterprise organization.
It’s just that the organizations interviewed for this survey were two or three years into cloud uptake and cloud utilization and no longer recognized security as a prime concern.