Into the Cloud -- Securely
Companies are on the path to cloud adoption. According to a recent report, 28% of U.S. organizations are using cloud computing today, with 73% reporting their first step was implementation of a single cloud application. Yet while 84% of organizations say they have employed at least one cloud application, most do not yet self-identify as "cloud users" who are "implementing or maintaining cloud computing."
Why not? Aren't they using the cloud? Perhaps it depends on your definition. There are countless definitions of "cloud computing" currently in use as the technology continues to grow in popularity. For this article, we define cloud computing as a model for enabling convenient, on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be provisioned rapidly. With that definition in mind, let's look at adoption.
CDW's Cloud Computing Tracking Poll found that organizations are moving applications to the cloud to consolidate their IT infrastructure, reduce IT energy and capital costs and provide anywhere access to documents and applications. Applications most commonly operated in the cloud in 2011 were commodity applications -- including email, file storage, Web and video conferencing and online learning.
[OUTLOOK: Cloud activity to explode in 2012]
[ENTERPRISE CLOUD SERVICES: 4 essential cloud security tips]
One of the key reasons many companies use the cloud for commodity applications is because they assume a cloud provider's security is robust enough for these non-critical applications. However, organizations say they are moving to the cloud very carefully and selectively, in part because of security concerns. Why? Because cloud computing represents a significant shift in how computing resources are provided and managed. Many organizations wonder how secure data stored in the cloud can be, and some hesitate to give up the control that comes with in-house computing resources. Because of this, many organizations are holding back when it comes to moving more critical data to the cloud, despite attractive benefits.
Security concerns tied to cloud computing are clear, but tangible efforts to protect data in the cloud are often lacking in spite of these concerns. Many cloud users miss key opportunities to secure data in the cloud by not taking advantage of all available security features and/or not taking steps to verify their cloud provider's security.
While it is true that certain security functions may be out of a cloud customer's hands, CDW's poll found that only 54% of respondents encrypt data in transit, only 50% manage employee access to cloud applications, and only 44% require password changes every 90 days. These are basic security best practices that cloud users must adhere to. The ideal approach involves recognizing that the security measures you take in a traditional environment are in many ways the exact same measures you should take in a cloud environment.
As a cloud customer, you may not be able to control the physical security of a data, but you can take steps to be sure that your cloud provider is actually following through with the security you've been promised. Conduct high-level audits and ask for concrete proof of a cloud vendor's security claims, whether that's PCI DSS certification or a SSAE 16 report. Stay informed of the standards, policies and procedures your cloud provider has in place, and do not hesitate to ask questions. If you can't get a clear answer to your questions, it is probably time to consider a different provider.
As we begin 2012, companies are thoughtfully migrating to cloud solutions when and where it makes sense. Are they sending everything to the cloud? No, nor should they. But they are not saying no to the technology either.
The smartest thing you can do is to align your organization with a trusted partner who can help guide you through the process of cloud adoption. Cloud computing offers a long list of benefits to organizations large and small, but ensuring that cloud-based data is secure is a critical first step nobody should skip on their journey to the cloud.
CDW is a leading provider of technology solutions for business, government, education and healthcare. Ranked No. 32 on Forbes' list of America's Largest Private Companies, CDW features dedicated account managers who help customers choose the right technology products and services to meet their needs. The company's solution architects offer expertise in designing customized solutions, while its advanced technology engineers assist customers with the implementation and long-term management of those solutions. For more information, visit CDW.com.
Read more about pc in Network World's PC section.