Size & Security – Not the same thing at all

A few years ago, cloud computing was being touted as the biggest and best new innovation for companies to increase productivity and cut costs. Fast forward to today and the use of cloud-based core services such as DropBox or Google Mail are almost ubiquitous among smaller organisations. If you’re a small or medium sized company then having the capacity to ‘outsource’ not only your software and its maintenance but also your data storage, means that you can save significant time and money on internal resources.

At the top end of the scale however, the largest enterprises have seen less reason to adopt cloud services. Sharing computing resources doesn’t provide many added advantages if you already require a vast amount of technology to cater for your business needs. These organisations often consider it to be more efficient to source their own dedicated data centres or to self-manage their hardware on-site. There has also been a widespread distrust of the cloud in terms of security, with in-house IT teams instinctively wanting to preserve their control of systems and hardware.

Attitudes are beginning to change however. As the cloud market matures and suppliers continue to improve their offerings, the economics of implementing the technology are starting to stack up for larger enterprises as well. Ironically, given the long-term suspicion of the cloud, one of the most important reasons for this change is security.

[easy-tweet tweet=”Ironically, given the long-term suspicion of the #cloud, one of the most important reasons for this #change is #security.”]

It has taken a long time, but the senior management teams are starting to recognise the potentially disastrous consequences of a security breach for their organisations. Compliance is also becoming more of a headache. Regulations are being tightened up on a regular basis – the EU General Data Protection Regulation (EU GDPR) is just around the corner for example, and this legislation will still apply even after the recent Brexit vote. Thanks to this, in-house teams are beginning to realise just how difficult security and compliance can be. In the FinTech sector in particular, governance and legal requirements can be extremely onerous, and across all organisations there is an absolute need to keep risk to a minimum.

It is becoming much more widely accepted that the real security experts may in fact be those working outside the organisation, rather than within it. In Gartner’s recent predictions for IT organizations and users for 2016 report, the analyst firm stated that “Through 2020, 95 percent of cloud security failures will be the customer’s fault.” Gartner’s suggestion is that it will be weaknesses in the internal procedures of companies that lead to compliance failures and increased levels of business risk, rather than failures of the external providers.

As an example of the investment taking place in security for cloud services, in 2014, Microsoft, as one of the first cloud providers on the market, undertook a four-year process to ensure a selection of its cloud products were compliant with the standard clauses laid out by the European Commission in 2010. Clearly, it is not a simple process to bring cloud technology in line with security regulations.

[easy-tweet tweet=”Clearly, it is not a simple process to bring #cloud #technology in line with #security regulations.”]

As a result, more large organisations are now choosing to place their security in the hands of the experts. This is not a panacea; no matter how superior the security measures offered by a cloud provider, companies are still ultimately responsible for their own data. They need to be extremely careful when checking the security credentials of their provider; whether that’s for an accounting system or for a call centre, and the legal controls between provider and customer need to be tighter than ever.

A recent survey by Toshiba revealed that 56 per cent of businesses plan to implement a new cloud-based solution this year, and that for 50 per cent, security is a key area of investment. Our expectation is that we will see a continuation in the slow movement of the large corporations to the cloud, and the steady rise of security to the very top of their priority lists.

+ posts

Meet Stella

Newsletter

Related articles

How to add AI to your cybersecurity toolkit 

A successful implementation of AI in cyber defense requires a solid data governance system, reimagined incident response frameworks, sufficient talent and expertise to manage the new system, and established documentation practices.

The Metaverse: Virtually a reality?

Metaverses have the potential to enable virtual worlds to expand beyond the gaming genre to encompass all manner of social and commercial activities.

Cybersecurity and Cloud: A Look Back at 2022 and What to Expect in 2023

Businesses are continuously reassessing their resources and options to fill their tech stack. In this competitive digital landscape, the innovative use of technology will be something that would generate a competitive advantage for organisations.

Shopping for Data: Ensuring a seamless user experience 

This combination can drive a business’s data culture and provide a structured approach for businesses to benefit from data intelligence across their operations, with only a few clicks.

Unveiling the Top 10 Cybersecurity Threats to Watch Out for in 2023

As technology advances, so do cybercriminals' methods to gain unauthorised access to sensitive information. With the increasing reliance on technology in both personal and professional settings, it is crucial to stay informed about the top cybersecurity threats to watch out for in 2023.

Subscribe to our Newsletter