Security Concerns Impede Cloud Adoption

451 Alliance

February 20, 2017

  • Share:    
Security Concerns Impede Cloud Adoption

Cloud computing is changing how IT is consumed. The expectation of cloud is 'build faster and run better at a lower cost.' At the same time, the change required, coupled with the complexity and confusion in moving to cloud, represents the biggest IT challenge in decades.

While the mantra 'cloud first' is becoming the 'new normal' for many organizations, significant challenges remain for organizations making this shift - especially those in regulated industries.

Atop the list of key concerns and inhibitors for cloud adoption according to ongoing 451 Alliance survey data - security is the top inhibitor to cloud adoption.

Security Advantages of Public Cloud

Security encompasses the physical IT assets, availability of services, data governance, data protection and more.

Public clouds, such as Amazon's AWS and Microsoft's Azure, are extremely secure because providers have a vested business interest in being as durable as possible.

Advantages of public cloud services include:

  • Access to a large pool of skilled experts that identify, contain and eradicate security threats

  • Availability of incident response and malware protection

  • Performance analysis through security intelligence systems powered by massive compute resources and data sets

  • Choice of multiple deployment models and disaster-recovery profiles (e.g., hot, warm and cold)

  • Embedded security intelligence in 'as-a-service' operations

  • Alerts to subscribers of potential hazards and attacks

  • Public Cloud - A Shared Security Model

    Amazon, Microsoft, Google and other hyperscalers have never lost a significant amount of customer data because they are only responsible for providing the platform, not for holding users' hands.

    Contrast this with a private cloud, where enterprises weigh security in balance with other considerations in the overall investment. It's far more likely that enterprises will cut corners or suffer from security inexperience.

    Public cloud providers' security strategies eliminate as much inconsistency and variability as possible. This includes a clear demarcation between customer responsibilities and provider responsibilities.

    Demarcation of responsibility is a key differentiator between public and private clouds.

    Hyperscalers have a shared security model that puts this responsibility on end users. Cloud providers can secure the infrastructure itself, but end users are obligated to integrate security measures on their own to protect applications and workloads.

    Users can fail by running insecure applications or making poor security choices.

    Public cloud providers make their living by removing uncertainty from infrastructure - not from people.

    Cloud is a Work in Progress

    Most companies are not cloud-native, but as they make the shift to cloud they face challenges that require a new approach to security. It requires a comprehensive, proactive and adaptive threat protection model that is embedded into the fabric of the business.

    Every company has its own unique risk profile, which is the result of being in a particular industry or geography. That profile will reflect whatever legacy, organizational, or institutionalized policies and behaviors are inherent to that company.

    This ultimately is gating their use (or lack of use) of public cloud.

    To receive more articles like this, join the 451 Global Digital Infrastructure Alliance. The 451 Alliance is a member-driven 'think tank' comprised of a worldwide network of highly-qualified enterprise technology and IT professionals. The Alliance tracks changes in corporate IT and digital infrastructure technologies well in advance of other sources and reports findings directly to its members.

    Thanks to our partnership we are able to offer our members a complimentary membership. Membership includes access to 451 Alliance's weekly research reports and a bi-weekly newsletters. Join now!

    Opinions expressed by the author are not necessarily those of WITI.

    Become a WITI Member!

    Are you interested in boosting your career, personal development, networking, and giving back? If so, WITI is the place for you! Become a WITI Member and receive exclusive access to attend our WITI members-only events, webinars, online coaching circles, find mentorship opportunities (become a mentor; find a mentor), and more!

    Become a Member

    Member Coaching Circles

    There are no WITI online coaching circles scheduled at this time. Please check back soon for updates.

    More Coaching Circles

    Our Story

    Founded in 1989, WITI (Women in Technology International) is committed to empowering innovators, inspiring future generations and building inclusive cultures, worldwide. WITI is redefining the way women and men collaborate to drive innovation and business growth and is helping corporate partners create and foster gender inclusive cultures. A leading authority of women in technology and business, WITI has been advocating and recognizing women's contributions in the industry for more than 30 years.

    Read More

    The organization delivers leading edge programs and platforms for individuals and companies -- designed to empower professionals, boost competitiveness and cultivate partnerships, globally. WITI’s ecosystem includes more than a million professionals, 60 networks and 300 partners, worldwide.

    WITI's Mission

    Empower Innovators.
    Inspire Future Generations.
    Build Inclusive Cultures.

    As Part of That Mission WITI Is Committed to

    Building Your Network.
    Building Your Brand.
    Advancing Your Career.