Some of the traditional concerns surrounding cloud computing have shifted. Instead of simply asking whether the cloud is secure, organizations are beginning to consider how to tie cloud services into specific business objectives. However, the question of security is still one that cloud storage companies still need to answer if they want to remain competitive, as a recent Veracode infographic showcases.
Veracode researchers found that 74 percent of the companies in the world use the cloud in some way. Despite the high worldwide adoption rate, security is still plays a strong role in the selection of a service provider. The infographic highlighted several questions that customers should ask of a provider, including:
• What controls are in place to maintain effective physical security?
• Is data encrypted both at rest and in motion?
• Are effective load balancing solutions in place?
• Is the provider compliant with requirements such as PCI or HIPAA?
As cloud service purchasers begin evaluating providers more comprehensively, the ability to establish trust and reliability is likely to gain traction in the cloud storage market. Particularly as overly idealistic goals transform into realistic implementations, customers will start asking better informed questions of service providers.
"Cloud applications are becoming more popular and prominent than ever and they aren’t going anywhere. Working in the cloud makes sense as it allows for greater efficiency and easier collaboration," Neil DuPaul of Veracode wrote in a blog post. "But before you make any purchases it certainly pays to do some research. Take the time to clearly understand how much you’re paying, what you’re paying for and pay close attention to what each service guarantees, they might make a bigger difference than you think."
Cloud interest increasing
Particularly within sectors that face stringent regulatory guidelines and security demands, organizations have historically been cautious with trusting critical applications to a third party. As InformationWeek columnist Stephen Delahunty noted, those perspectives are beginning to shift within the U.S. government. Partially driven by initiatives such as "Cloud First," federal agencies have increased adoption of cloud services. Delahunty cited research that found 50 percent of government organizations are starting to move ahead with their cloud implementations, which is up from 40 percent last year. As growth in the cloud market continues, service providers will need to take a proactive role in addressing common concerns among their customers.
"Security remains the biggest concern," Delahunty noted. "No surprise there. The Federal Risk and Authorization Management Program, which went into effect in June, is intended to bring a higher level of confidence in the cloud by standardizing the security assessment of vendors' facilities and services."
Establishing trust with regard to security is a matter of providing evidence. Third-party auditing and certifications are an effective way of building trust with customers. Another concern uncovered by InformationWeek has more to do with the growing complexity of cloud implementations. Many respondents cited a lack of internal cloud expertise as a significant concern that hinders implementation.
This deficiency could create opportunity for cloud storage companies that are able to provide consulting in addition to technology solutions. As this trend indicates, the shift in perspective may place a high value on vendors' ability to improve customer knowledge. With the industry in a state of transformation, that complexity is likely to grow as companies increasingly utilize a mixture of on-premise, public and private solutions.
