Shift: public cloud considered more secure than corporate data centers
Security has always weighed heavily on executives' minds as the risk of using public cloud services. In surveys I am involved in designing, we find to this day that security is the number-one challenge or showstopper when it comes to moving things to the cloud.
However, there's a growing sense that things may be more secure in the public cloud, especially since cloud providers pay a lot of attention to it, and make it their business to keep up with the latest security technology.
That's the gist of a recent survey of 210 IT executives conducted by SADA Systems. SADA specializes in cloud migrations, so it's to be expected they would want to demonstrate that cloud security fears are waning. But this is a trend I've seen evolving in recent years, with an awareness that things are getting so complex, and the external and internal security threats are getting so savage, that it's just too much for a corporate IT shop to attempt to do it on its own.
The survey's key takeaway was that IT managers are more confident in the security and reliability of public cloud than they used to be, and as a result they are running more data and applications on public cloud infrastructure. The survey found that 51 percent said data security is better in the cloud than in their own data centers, and 58 percent said public cloud was the most secure, flexible and cost-effective solution for their organizations. In addition, 13 percent said they "trusted public cloud providers more than their internal teams" to handle data and applications.
Still, even in this survey, security is still top of mind, along with a prevailing attitude that if there's going to be a security breach, it's better to have your own than to suffer someone else's. A majority, 51 percent, still said concerns about data security prevented them from adopting public cloud sooner. At least 54 percent said a major data breach or downtime issues experienced by public cloud providers might preclude them from using more public cloud infrastructure.
So comfort levels keep growing when it comes to cloud. But security still needs to be the front and center concern when you are relying on someone else to manage your data and run your applications. The key is that while cloud providers may have all the newest and shiniest security solutions, along with the right training and certifications, the cloud customer still needs to take ownership of security. The customer needs to hold vendors' feet to the fire regarding security protocols, and embed them deeply into service level agreements. Cloud customers need to do their due diligence and get to know what and how vendors are providing security.
Other issues affecting public cloud adoption focus on control, or the loss thereof. At least 40 percent of IT executives said they were hesitant to move to public cloud services due to concerns about stability and public cloud's long-term viability. If a cloud service provider began to hit a financial slump, 34 percent would back away from that vendor. Another one-third were concerned with costs escalating beyond their control.
The survey also finds that 84 percent of respondents are using public cloud infrastructure today, led by Google Cloud Platform, Microsoft Azure and Amazon Web Services. Migrations to public cloud typically take three to six months to accomplish (indicated by 45 percent), and 23 percent said it took less than three months.