When you say “cloud” somebody’s imagination draws a sky with dozens of funny-shaped airy clouds, IT folks’ mind will recall companies’ names like Microsoft, Google, Dropbox, Amazon. Indeed, cloud computing has contributed to the business world tremendously, still there is much skepticism around such kind of services, reliability and security of remote clouds. Naturally when you store all your data in the cloud you “shift” control over it and rely on a cloud provider – here your fears of data possibly to be lost, damaged, leaked or hacked, services and sites to be kicked offline, come on to the stage. Legally according to the agreement between you and provider the service provider would be responsible should any of the aforementioned occur, but at the end of the day the possible losses endured by the business resorting to the cloud are greater than the cloud service provider’s since such actions could result in the complete destruction of the business. So a decision of moving to the cloud is a serious one.
Interesting that more than a third (36%) named security a main issue holding back uptake for them. This concern is contradictory due to a number of factors:
Firstly, the whole point of cloud computing is that the applications and data being used are sitting on multiple servers at once in data centers located around the world. Thus attacking one part of the infrastructure becomes virtually a waste of time as redundancy will always ensure access to this data. It means attacking data or performance of a targeted company becomes almost “mission impossible”.
Secondly, it makes sense to view security matter from the perspective of the capabilities of the cloud computing systems versus ones of internal software systems. How high are chances that a large cloud provider won’t have far more resources to direct at security than the average enterprise? The infrastructure of cloud computing systems is comprised of machinery and technology on the cutting edge of technological advancements in addition to the far-advanced skills and knowledge of their workers – doubtful that this is accessible to an average business or computer user. Therefore, the business has a greater chance of loss handling the company data and software internally. As more and more organizations make the move into the cloud, it’s certain that safety and security measures only increase.
Experts say a more reasonable concern relates to resilience and outages, not data breach. Outages of Amazon or Microsoft are regularly reported. They can be caused by freak weather like for instance happened to Amazon Web Services resulting in such popular services as Instagram and Netflix being pushed offline for a number of hours. Instagram’s outage hit the headlines due to a short period of downtime, but what if smaller companies using cloud providers face their sites knocked offline – how high up their cloud provider’s list of priorities will it be to get it fixed? Well, in this case for web sites it’s of vital importance to be hosted with multiple cloud providers since this makes sites virtually almost unassailable experiencing close to zero downtime.
Worries about legal compliance are probably more justifiable. Under the Data Protection Act, organisations have to agree that personal data will not be moved outside a particular group of named European countries, but a cloud provider may be storing data in multiple jurisdictions. This problem isn’t insurmountable (personal data can be anonymised, for example), but it does make the decision to move to the cloud a more complex one.
To conclude, cloud computing service providers treat security, availability, privacy and legal compliance issues very seriously since this is the essence of their very business. СSPs mostly have better machinery, technology and skills and invest more in their further advancement than an average enterprise could afford itself. Loss or damage of any data by a cloud services provider or long downtime does not only implicate a possible demise or huge direct and indirect losses of the business to which the service was provided, but can be partially or completely fatal for the cloud computing service business and its reputation. Cloud services providers are legally implied with massive liability which is very incentive for them to preserve a high quality of their services and treat issues with due diligence.
Or don’t you agree? 🙂