With daily security breaches and cyberattacks dominating the headlines daily, it’s no wonder that organizations globally are still tentative to move away from physical servers/on-premises data storage. Though most businesses are familiar with cloud as a principle, there is still ambiguity surrounding what exactly the technology has to offer.
Our latest report, “The Road to Data in the Cloud,” found that one in four executives (25 percent) surveyed believe that data cloud adoption would result in a lack of control and increased security breaches.
The fact that the public cloud, by definition, shares resources between different customers may be one reason why these fears still exist in 2017. However, just because the public cloud is publicly accessible does not mean an organization’s infrastructure can be easily breached.
Arguably the biggest security risk to an organization’s network is human error. Security flaws overlooked because of time, resources or expense are precisely what cloud hosts are built to handle. They are comprised of highly trained staff experienced in dealing with security issues, as opposed to often time-poor and under-resourced in-house IT departments.
Another common misconception is that there is only one road to cloud. Despite public cloud receiving the most attention, there are multiple models to choose from, including hybrid, private and community. Each delivers a variety of security, availability and portability requirements to suit organizations’ specific needs.
Just because the public cloud is publicly accessible does not mean an organization’s infrastructure can be easily breached.
So, back to perception versus reality. Gartner predicts that by 2018, 60 percent of organizations that implement cloud visibility and control tools will experience one-third fewer security failures than an on-premises provider. And while cloud computing doesn’t eradicate the risks to sensitive data, it does reduce the overall security scope by taking care of traditional tasks such as security patch testing that require frequent resource. It also provides a good opportunity to implement new methods and habits among employees to tighten up security processes.
Indeed, perhaps the biggest cloud services misconception is that they are there to protect business. The fact is that responsibility for security will always be shared with the customer. Again, it all comes down to people. The reality is that only a fraction of security incidents that have affected organizations using the cloud are due to provider misconduct. Therefore, it is up to CIOs and CDOs to establish the security processes that prevent mistakes arising from poor cloud practises enacted by inexperienced users.
Fulfilling Cloud’s Potential
Now that we’ve surmounted cloud’s most widespread challenge, we turn our attention to the opportunities it presents — one of the primary reasons being business and employee productivity. IDC says that removing barriers to cloud computing in Europe will result in an estimated $625 billion worth of growth. In addition, cloud computing can enhance customer experience, improves agility and offers on-demand resources and scalability. So, what have companies got to fear?
While it’s understandable that security is many organizations’ main concern, it must be recognized that the benefits outweigh the risks. To allay concerns, organizations should take a strategic approach to cloud security. With the right internal security processes in place — namely highly skilled people equipped to handle the ever-evolving threat landscape — organizations need not fear the cloud, but instead reap the advantages of increased productivity and efficiency.
The cloud is surprisingly susceptible to myths, but if you only take away one truth today let it be this: Organizations are in total control of their security, not the cloud. The one surefire way to mitigate risks? Hiring and training people with the security skills to protect your business’s applications.
Marc is Teradata’s™ Director of Cloud Strategy and is Teradata's resident Cloud Evangelist. Prior to Teradata Marc worked at cloud startups as well as a cloud consultant. Marc is a veteran cloud strategist and speaker who has participated in countless webinars, panels, and seminars as a featured expert on all topics cloud. He is the committee chair for a Cloud Conference in San Diego and nurtured its growth to what is now an important regional event. Marc’s style is to challenge preconceived notions about cloud services and engage his audience with humor, insight, and uncommon sense. He has worked successfully with multiple cloud start-ups, VARs, and MSPs to help them with their cloud services.