In a recent survey on cloud computing of 300 corporations worldwide by Information Technology Intelligence Corporation, 38 percent of respondents said that they are unsure about adopting cloud services, and another 47 percent said they are not considering the cloud over the next 12 months. The main reason cited for not using cloud services was security.
I am not sure that the numbers are indicative of the entire IT industry, but I do agree that security is a concern. And of course, there are a few options that can reduce the security risk, including, in some combination, encryption, VPN, building an ExtraNet, SSL, and HTTPS, depending on the vendor and the type of data you are sending through the cloud. ITIC says 83 percent of survey respondents said they would require "specific guarantees" of the safety of their mission-critical data, and 62 percent would want multiple access paths. These safeguards wouldn't be out of the ordinary. And to make sure all possible protections are in place and satisfactory, a company needs to move slowly when adopting the cloud. A great place to start might be e-mail or CRM data.
Many of you who read my blog on a regular basis know that I teach security at Drexel University in Philadelphia, Pa. Currently, I am teaching Disaster Recovery and Business Continuity. Putting security aside for a moment, I feel that the cloud offers an excellent recovery option. Think about it: If something were to happen to your facility and you needed to relocate, you could still access your data with just a connection and no recovery effort. This benefit might be the one to convince IT folks who are not ready to place their trust in cloud providers for daily operations. The threat of one type or another of disaster is always present, but keep in mind, as Carl Weinschenk recently wrote, that we are in hurricane season.
The reality is that security is a concern whether you are using the cloud or not. If your company decides that it makes sense to adopt the technology, then put the solution in place along with the proper security measures. Is your organization using the cloud? If so, let me know what you are using it for. If not, why not?