Given that data security and privacy concerns have been an inhibitor during the early stages of cloud adoption, it is somewhat ironic that the continued spate of high-profile customer data breaches is likely to push more enterprises toward cloud services.
For Tim Jennings, Research Analyst, Ovum, it is also an indicator of the increasing maturity of the cloud environment.
“Where problems arise the main issue is not necessarily the fact that the breach has occurred, because some degree of vulnerability will always exist, but the way that the organisations concerned react,” Jennings says.
“Many have been like rabbits caught in the headlights, seemingly having little insight into the root cause of the failure, the extent of the consequences, or the actions required for remediation.”
According to Jennings, modern cloud providers have invested large sums of money into end-to-end security, covering the physical security of the data centre and encryption of customer data through to highly automated patching and sophisticated security intelligence.
“It is unrealistic to expect even very large enterprises to replicate this environment,” he adds.
“One can envisage, therefore, pointed conversations within boardrooms as CIOs and chief security officers are questioned about the likelihood of their organisations being the next to suffer reputational damage through the exposure of customer data.”
As a result, Jennings believes that many organisations will conclude that using the expertise of a third party is a more reliable approach than depending on in-house resources.
“This does not necessarily mean adopting a public cloud environment,” Jennings qualities.
“It may be that enterprises prefer to use either an on-premise or virtual private cloud, while still taking advantage of a specialist provider’s management and security capabilities.
“Nor does it mean that the responsibility for security and customer data passes away from the enterprise - even though the delivery of these capabilities is in the hands of the third party, governance and control must be retained in-house.”