Within cloud implementations, organizations list security as both an obstacle and opportunity in recent surveys conducted by EMA. By looking at your security environment, you can identify where weaknesses are and look at requirements for your industry, platform, etc. Within cloud environments specifically, providers build their platforms with security in mind first. Therefore, many security concerns end up being perceived challenges versus real ones. When you look at enhancing security, make sure that your concerns are real so that you do not waste time with perceived obstacles that have already been addressed by your solution provider.
Evaluating cloud requirements are important irrespective of where you store your data. Cloud implementations bring up concerns surrounding storing data outside the firewall, but whether these are real risks or perceived challenges remain to be seen and will depend on individual organization circumstances. In most cases, cloud providers build their platforms with security in mind and take away the guesswork associated with meeting on-premises security parameters. At the same time, businesses may also have international privacy restrictions or security and compliance needs based on industry-specific requirements. These create a double layer of requirements to evaluate when looking at cloud-based storage and general cloud analytics usage.
EMA has conducted regular cloud analytics research studies over the last few years. In the most recent, survey respondents state that security is both a key challenge to cloud analytics adoption as well as a driver for its implementation. Clearly, organizations are still split on security implications for cloud. Some organizations feel that with cloud adoption they no longer have to take responsibility for their cloud requirements, while others may feel that cloud adoption creates greater concern.
Either way, organizations should take steps to evaluate their security requirements and understand the differences they may face while storing data on-premises versus in the cloud. Although an IT-focused activity, from a business perspective it is important to evaluate the following:
- Do specialized security requirements exist? This includes looking at industry-specific privacy needs and general security protocols that might be required.
- Do cloud providers meet these needs or will the organization need to take responsibility for additional security requirements?
- Where is data stored? Many organizations have hybrid environments or store data in several data centers. If they reside in different countries, security and privacy laws may differ in terms of data sharing, storing, and use.
- What business requirements might overlap with security issues? How will they be handled?
These questions provide a general look at the types of issues that arise from a business perspective. Security breaches have far-reaching implications – whether for customers, suppliers, shareholders, potential compliance issues, etc. It is understandable why organizations are concerned about ensuring security. The reality, though, is that security remains a potential challenge irrespective of where it is stored. Within the cloud, organizations have the benefit of leveraging greater expertise through providers that want to ensure overall customer satisfaction and provide secure platforms on top of strong product offerings.