Companies Reveal Mixed Feelings About Cloud Security
Barcelona, Spain — Oct. 10
Symantec Corp. announced the results of its 2011 State of Cloud Survey, which examined how organizations are adopting cloud computing and dealing with the changes it can impose on their approach to managing IT.
According to the survey, based on 5,300 responses from 38 countries worldwide, organizations have mixed feelings when it comes to security, with a majority ranking it as both a top concern and top goal of moving to the cloud. The survey also revealed that IT organizations may not be adequately prepared for the move to the cloud, as almost half of the respondents said their IT staffs are not ready at this time.
“These survey findings reinforce what our customers are telling us,” said Francis deSouza, group president, enterprise products and services, Symantec. “Security is one of their top concerns when it comes to moving to the cloud. To be confident in the cloud, IT organizations must take measures to ensure they have the same visibility and control of their information and applications whether they are in the cloud or residing on their own infrastructure.”
Organizations Torn Over Security
According to the survey, organizations are conflicted about security — rating it both as a top goal and as a top concern with moving to the cloud. Eighty-seven percent of respondents are confident that moving to the cloud will not impact or will actually improve their security. However, achieving security for cloud environments is also a top concern for these organizations, which cited potential risks including malware, hacker-based theft and loss of confidential data.
“With the cloud, everything depends on how you secure your data,” said the CTO of a small technology company. “If there’s no security, there’s no point in moving to the cloud.”
IT Staff Not Quite Ready for the Cloud
Despite a great deal of consideration, many organizations claimed they are not ready to adopt the cloud. The minority of respondents (between 15 and 18 percent) rated their staff as extremely prepared for the transition to cloud. Almost half of the respondents said their IT staffs are not ready at this time.
Part of the reason for this readiness shortfall is lack of experience, as just 25 percent of IT teams have any cloud experience. As a result, most organizations are turning to outside resources for help. In fact, when deploying hybrid infrastructure or platform-as-a-service, about three in four respondents said they are turning to value added resellers (VARs), independent consultants, vendor professional services organizations or systems integrators.
Few Have Crossed the Finish Line
Many organizations are talking about moving to the cloud, with 75 to 81 percent at least discussing all forms of cloud. Notably, the study found a high interest in cloud services. Seventy-three percent of respondents have adopted or are adopting some sort of cloud service, with security services leading the way. The top cloud services companies are adopting include email services, such as management or security; security management; and Web and IM security.
However, few have fully migrated to the cloud. Less than 20 percent reported having completed implementing each of the cloud focus areas covered by the research. About one in four organizations are currently in an implementation phase. About two-thirds are still in early discussions, trials or not considering a move to the cloud at all.
Reality Not Meeting Expectations
The survey discovered that organizations having implemented cloud technologies are not seeing the results/benefits they had anticipated. Eighty-eight percent expected the cloud to improve their IT agility, but only 47 percent said it actually did. Results also fell short in the areas of disaster recovery, efficiency, lower operational expenses and improved security.
Take the lead in embracing cloud computing. IT needs to take a proactive role in embracing the cloud. Too many IT organizations today are taking a slow, methodical, conservative approach to moving to the cloud. As an IT leader, you should maintain control of important aspects such as security, availability and cost. That’s hard to do unless your staff has received the proper training and preparation.
Set information and application tiers. Not all of your information and applications are created equally. Perform an analysis and place your information and applications into tiers to determine what you feel comfortable moving to the cloud.
Assess your risk and set appropriate policies. Assure critical information is only accessible by authorized users and that critical information doesn’t leave the company. You should also make sure cloud vendors can meet your compliance requirements. Finally, assess potential cloud vendors for operational issues such as high availability and disaster recovery abilities.
Get started now. You don’t have to take an all or nothing approach to cloud computing. Leveraging cloud services are an easy first step to moving to the cloud. While it may take time to prepare to move business-critical applications, you can start immediately with simpler applications and services.