A few years ago, cloud computing was being touted as the biggest and best new innovation for companies to increase productivity and cut costs. Fast forward to today and the use of cloud-based core services such as DropBox or Google Mail are almost ubiquitous among smaller organisations. If you’re a small or medium sized company then having the capacity to ‘outsource’ not only your software and its maintenance but also your data storage, means that you can save significant time and money on internal resources.
At the top end of the scale however, the largest enterprises have seen less reason to adopt cloud services. Sharing computing resources doesn’t provide many added advantages if you already require a vast amount of technology to cater for your business needs. These organisations often consider it to be more efficient to source their own dedicated data centres or to self-manage their hardware on-site. There has also been a widespread distrust of the cloud in terms of security, with in-house IT teams instinctively wanting to preserve their control of systems and hardware.
Attitudes are beginning to change however. As the cloud market matures and suppliers continue to improve their offerings, the economics of implementing the technology are starting to stack up for larger enterprises as well. Ironically, given the long-term suspicion of the cloud, one of the most important reasons for this change is security.
[easy-tweet tweet=”Ironically, given the long-term suspicion of the #cloud, one of the most important reasons for this #change is #security.”]
It has taken a long time, but the senior management teams are starting to recognise the potentially disastrous consequences of a security breach for their organisations. Compliance is also becoming more of a headache. Regulations are being tightened up on a regular basis – the EU General Data Protection Regulation (EU GDPR) is just around the corner for example, and this legislation will still apply even after the recent Brexit vote. Thanks to this, in-house teams are beginning to realise just how difficult security and compliance can be. In the FinTech sector in particular, governance and legal requirements can be extremely onerous, and across all organisations there is an absolute need to keep risk to a minimum.
It is becoming much more widely accepted that the real security experts may in fact be those working outside the organisation, rather than within it. In Gartner’s recent predictions for IT organizations and users for 2016 report, the analyst firm stated that “Through 2020, 95 percent of cloud security failures will be the customer’s fault.” Gartner’s suggestion is that it will be weaknesses in the internal procedures of companies that lead to compliance failures and increased levels of business risk, rather than failures of the external providers.
As an example of the investment taking place in security for cloud services, in 2014, Microsoft, as one of the first cloud providers on the market, undertook a four-year process to ensure a selection of its cloud products were compliant with the standard clauses laid out by the European Commission in 2010. Clearly, it is not a simple process to bring cloud technology in line with security regulations.
[easy-tweet tweet=”Clearly, it is not a simple process to bring #cloud #technology in line with #security regulations.”]
As a result, more large organisations are now choosing to place their security in the hands of the experts. This is not a panacea; no matter how superior the security measures offered by a cloud provider, companies are still ultimately responsible for their own data. They need to be extremely careful when checking the security credentials of their provider; whether that’s for an accounting system or for a call centre, and the legal controls between provider and customer need to be tighter than ever.
A recent survey by Toshiba revealed that 56 per cent of businesses plan to implement a new cloud-based solution this year, and that for 50 per cent, security is a key area of investment. Our expectation is that we will see a continuation in the slow movement of the large corporations to the cloud, and the steady rise of security to the very top of their priority lists.