One of the best analogies to illustrate ‘the cloud’ is electricity. If I asked you what you’d prefer, to build a small power plant in your garden and make your own electricity, or buy what electricity you need from a company, you’re very likely to say you just want to pay for what you use. The same argument applies to the cloud; you don’t need a server farm in your office, you just need someone who has lots of server farms to let you rent out space or resources in theirs.
While the cloud is conceptually simple, the biggest reservations most people have about cloud computing are those of security and privacy. A number of people find the idea of handing over important data to another company extremely worrisome and they might hesitate to switch to cloud based systems simply because they can't keep their company's data under lock and key.
Of course, what one needs to understand is that the companies who offer cloud computing services have their reputations to lose and having reliable security in place is beneficial to the companies themselves first and foremost. Without excellent security and a reputable track record, the company would lose all its clients. Furthermore, owing to the scale of the cloud, users can achieve better security than if they tried on their own behalf, as the provider’s investment in better security costs less per consumer.
This does not mean that you should not ask the question ‘Where's my data?’ Bear in mind that different countries have different requirements and controls placed on access and that even though your data is in the cloud, it still resides in a physical location, somewhere. Ensure that you choose a cloud company which hosts somewhere sensible and with good security checks in place. At the end of the day, the cloud provider should agree in writing to provide the level of security that you require.
Privacy is another concern many have. The argument is that if a client can log in from any location to access data and applications, it's possible the client's privacy could be compromised. However, cloud computing companies adopt myriad ways to protect client privacy, one of which is using authentication techniques such as user names and passwords. Different levels of authorization also help in minimizing risk; if each user can access only the data and applications relevant to his or her job, the risk that huge swaths of sensitive data are lost is reduced.
While cost and ease of use are two great benefits of cloud computing, there are security concerns that need to be addressed when considering moving critical applications and sensitive data to public and shared cloud environments.
To address these concerns, the cloud provider must develop controls to provide the same or a greater level of security than the organization would have if they were not using the cloud. However, if you are considering using the cloud, you will need to step back and look at who is managing your data and what types of controls are applied to these individuals and the data itself.
Have you got any other concern about cloud adoption? Contact us now. We are willing to help.