According to a survey by Quocirca, that was commissioned by CA Technologies, research revealed that around 63 per cent of British firms were happy to opt for cloud-based security measures.
“There’s an acceptance of cloud services by these companies,“ said Bob Tarzey, service director at Quocirca,” but there’s also an acceptance that cloud itself can be used to deliver the security needed to run those services safely. We call it cloud feeding cloud.”
The survey produced results from 337 senior business and IT professionals from medium-to-large sized organisations in a range of business sectors across Europe. Though perhaps not a significant sample, the results
“What was interesting were the differences in security concerns according to which sector the company was in,” said Tarzey. “For example, government departments were worried about data privacy laws, while manufacturing and telcos are worried by preserving their IP. Financial organisations are concerned about meeting regulations while retailers want to keep personal identities safe.”
The prioritization of security, compliance, and privacy in the UK, Ireland, or on The Continent, should be of no surprise to anyone that has done business with a European company. Where compliance, security, and privacy take a first, second, and third priority, respectively, in North America, the order tends to be reversed across The Pond – with privacy, security, and compliance reflecting organizational and social concerns.
Some other highlights from the report include:
There is wide acceptance of cloud services as a way to deliver formal IT requirements
Attitudes regarding cloud-based services range from the belief they should be used whenever possible (22%), through those that evaluate them as alternatives to in-house deployments in most cases (35%), those who evaluate them on a case-by-case basis (17%) to those that avoid them as much as possible (23%). A small number pro-actively block such services (3%). An analysis of the enthusiasts versus avoiders shows that the latter lack confidence in their ability to use cloud services securely rather than dismissing them outright as a way to deliver enterprise IT requirements.
Drivers for adoption of cloud services extend well beyond cost savings
Whilst lower cost of ownership topped a list of drivers for the adoption of cloud-based services, this was closely followed by better working practices for employees, improved efficiency and easier external interaction. Access to applications that could not otherwise be afforded was at the bottom of the list, but still significant for many. Needless to say, all of these drivers were of far greater importance to enthusiasts than avoiders.
Blockers to adoption of cloud services varied significantly by industry
Government organisations fear data protection laws, whilst financial services organisations worry about the regulations that affect all the personal data they hold. Commercial organisations, including retailers, worry most about the personally identifiable data they collect. Manufacturers and telcos see intellectual property as a key competitive asset and worry most about that.
Security is a concern for all
All of the top blockers have a security component to them and it is a widely reported fact that data security is the top concern when it comes to the use of cloud-based services. However, the level of concern shown about security is similar for both enthusiasts and avoiders. What the latter worry about is a lack of resources and skills to ensure secure use of cloud services. If these concerns can be addressed then it will eliminate important stumbling blocks to faster cloud adoption by all.
Enthusiasts invest in security technology to ensure they can safely use cloud services
Enthusiasts are far more likely to recognise the importance of a range of security technologies and to have invested in them. This includes the ability to manage identities, provide safe access and filter incoming/outgoing content. 97% of enthusiasts have an IAM system compared to just 26% of avoiders. Enthusiasts spend a greater percentage of their IT budget on IT security (7% as opposed to 5%), reflecting the fact that they see the need for better security but also that their ability to leverage cloud services reduces their top line IT costs.
The key security requirements can be delivered from the cloud too
Whilst the safe use of cloud services requires an investment in IT security, enthusiasts also see the cloud as a source of a wide range of security services. Even avoiders show some acceptance that the cloud can be the best way to deliver single sign on (SSO), federated identity management and identity governance; 30% of them accepted that there were advantages to using identity and access management as a service (IAMaaS), however, the figure for enthusiasts was 92%
Though the survey questions did drift towards supporting CA Technologies’ IAM and SSO-related product lines, the entire spectrum of security concerns in cloud environments can be extrapolated from the kinds of responses provided. The article from CloudPro can be found at http://www.cloudpro.co.uk/saas/5894/cloud-based-security-gets-thumbs-uk-plc and you can download the report from the CA Technologies page at https://www.ca.com/us/register/forms/collateral/the-adoption-of-cloud-based-services-increasing-confidence-through-effective-security.aspx.