CloudFucius Has: Déjà Vu and Amnesia…

…at the same time!  Wow, faster than you can mutter, ‘Survey Says…’ more cloud computing survey results appear.  Just last week, CloudFucius reported on 4 cloud surveys which confirmed the trend of our Love/Hate Relationship with the cloud.  Before the week was over, a couple more surveys reiterated our feelings toward cloud computing.  We love it since it helps IT with cost control, yet we’re still very cautious about deployments due to the concerns about security and control. 

The results of the Eighth Annual Global Information Security Survey were released last week and once again the theme is, ‘we see the value and understand the benefits but still scared about the provider’s ability to secure critical data and IT’s ability to control access to that data.  CSO, CIO and PriceWaterhouseCoopers surveyed 12,847 technology and business executives from around the world and 62% of you have little or no confidence in your ability to secure any data in the cloud.  49% have ventured into the cloud but of those, 39% still have major questions about cloud security.  Sounds familiar huh?  The greatest risk to their own (your own) cloud computing strategy is the ability to enforce security policies at the cloud provider’s site.  Inadequate knowledge/training and IT auditing also made the list.  If you remember the PhoneFactor survey from last week, the biggest security concern was preventing unauthorized access to company data.  Enforce security policy and prevent unauthorized access is almost the same thing.  Enforcing a security policy should prevent unauthorized access.  There needs to be more specific guidelines as to what types of data are acceptable for the cloud along with how to handle regulatory reporting of data in the cloud.

The CSO survey also found security concerns in regards to ‘third parties’.   There is a concern about cloud vendors who use third parties to host data centers and hardware along with serious fears about our third party business partners.  The vendor issue has to do with not knowing any of the people hired to work on your systems; with partners, many organizations are concerned that their own security is at risk if their associate’s or partner’s security has taken a hit over the last year.  77% felt that their strategic partners had been weakened by the recession over the last year.  If you remember Verizon  Business' "2009 Data Breach Investigations Report (pdf)" 32% of the data breaches implicated a business partner and in fact, the majority was due to lax security practices at the connection level from the third-party.  In 2009, it was usually the third-party systems that were compromised and the attacker used the trusted connection to make inroads to the target.  Since it’s coming from a ‘trusted’ authorized connection, these are difficult to detect and stop.  The more things change, the more they stay the same.

Speaking of surveys, Lauren Carlson, a CRM Market Analyst asked me to share her short survey with you.  Software Advice, a company that reviews CRM software, is conducting a survey on their blog to see who the real leader is in CRM.

And one from Confucius: Ignorance is the night of the mind, but a night without moon and star.

ps

The CloudFucius Series: Intro, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24

Resources:

Digg This
Published Oct 05, 2010
Version 1.0
No CommentsBe the first to comment