Security is major inhibitor preventing cloud adoption by firms

15 Dec 2011

For firms to get serious about cloud computing, they need to get over their fears of their IT’s security being compromised.

Their fear is far from irrational. This was the year that saw a devastating cyber attack take place on Sony’s servers, with hackers accessing information on more than 77m users. The Sony Online Network (SOE) was also hit.

This is also the year that saw greater co-ordination amongst hacker groups, with networks like Anonymous and LulzSec taking on targets such as RSA, Nintendo, Lockheed Martin, Gmail, Citigroup and the US Senate.

A recent survey of Irish IT managers and CIOs by Deloitte found that adoption of cloud computing was relatively low (33pc) this year, however, more than half of CIOs indicated their intention to increase the use of cloud.

Despite these sentiments, there has only been a minor increase in usage recorded in 2011 (40pc), with software-as-a-service (SaaS) accounting for more than two-thirds of cloud usage (45pc in 2010).

Data that’s in the cloud

The only type of data CIOs are more likely to hold in the cloud in 2011, compared to last year’s survey, is employee data. Customer data, supplier data and billing information have seen the greatest falls in likelihood, presumably attributable to data security fears.

According to the 2012 Global State of Information Security Survey by PricewaterhouseCoopers, the rise of cloud computing has improved but also complicated the security landscape.

Nearly half of 10,000 business leaders surveyed globally believe that the onset of cloud technologies have improved security. However, nearly a quarter believe it has increased vulnerability.

“Hacking wasn’t something created by the cloud,” says Dell Ireland country manager Dermot O’Connell. “Hacking has been there since computer networks began.

Hacking will go on and there will be more malicious code attacking systems.

“Under all the disciplines in IT, security is where you need the expertise and any firm should look for that expertise among providers if they are embarking on a cloud journey.”

O’Connell points to Dell’s recent acquisition of SecureWorks, which enables it to block attacks by hackers on corporate servers.

pull quote

Dell’s senior VP of engineering and technology for EMEA Don Smith encourages businesses to fully consider the implications of moving their IT systems outside the organisation in order to prevent security breaches.

“One of the biggest threats with cloud computing is that data is taken outside the traditional parameters of the ‘office’, and a security breach could easily happen without you knowing. There can also be security complacency on behalf of the businesses as they often assume that, as everything is behind a firewall, it must be secure. Unfortunately, even though vendors often offer ‘cloud management solutions’ these usually don’t provide adequate protection.

“Whatever type of outsourced service is used, a formal risk assessment should be conducted to give full visibility of your information assets and vulnerabilities. This ensures you know what you’re being exposed to, and where the high risk areas sit. Ultimately, what’s required is a layered and balanced approach to security.”

Security and the cloud

Jeremy Showalter, information worker lead at Microsoft in Ireland, notes that firms are making a bet on cloud computing because it offers more opportunities for better security. He points to accountancy and HR software vendors that are subscribing to Microsoft’s Azure platform as a way to reach new markets.

Marc O’Dwyer, managing director of Big Red Book, an Irish software company that is part of Microsoft’s Azure programme that enables it to securely sell its accountancy software via the cloud to 52 countries worldwide, believes the security reach afforded by platforms like Azure will ultimately help firms make the move.

“The fact that data is in the cloud means it is accessible anytime, any place. If something happened and the data centre goes offline, my data and my customer’s data and applications are replicated in other data centres around the world. So our data is backed up.

“The flexibility of cloud will ultimately decide firms to take the leap. Consumers right now are more willing to use the cloud and web for purchasing and acquiring information, businesses will and are making the journey.

“We embraced cloud computing to expand our reach to new markets.

“If Irish businesses don’t embrace the capability of the cloud, they’re going to miss out on opportunities to bring in new revenue and win extra business,” O’Dwyer says.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years