Fears remain over cloud deployment and the decision making process on adoption remains mixed, yet cloud continues to grow.
Whether security or data location, the concerns about cloud are well documented but cloud adoption continues to soar. While public cloud remains the largest of the clouds market, research from Easynet suggests that in the EU 47% are using private cloud as their main approach.
Surprisingly only 11% across Europe are using public cloud as their main approach, while a hybrid approach is preferred by 17%.
This raises a question about the consumption of public cloud, who exactly is using it? We know that AWS, Google and Microsoft make vast amounts of money from an ever growing public cloud market but it almost seems omnipresent, everywhere but hard to pin down.
Despite its popularity, public cloud is viewed frequently as almost a rebellious option, an option to choose that might put your data or business at risk.
Paul Cash, MD, Fruition Partners, spoke to CBR regarding a report that highlighted that business is circumventing CIO’s to adopt public cloud services, anecdotally he said: "One large organisation did analytics on how many cloud storage services were being used…in excess of 60 cloud services were in use across the business…IT had validated one."
Part of the problem is that the decision making process is not well defined.
Content from our partners
According to research from Cobweb Solutions and the Cloud Industry Forum, the CIO makes the cloud decision in 59% of organisations, this leaves 41% of organisations that have decisions being made by different parts of the business.
This should raise concerns for businesses, particularly when nearly 100% of firms in the banking and financial services are putting personal identifiable information in the cloud, according to CipherCloud Global Data Security Report.
In addition to this, a significant percentage (33%) are using cloud to store highly sensitive PII’s such as tax ID’s, birth dates and social security numbers, while 47% use the cloud to process personal finance data.
Dr Chenxi Wang, VP of Cloud Security and Strategy, CipherCloud, told CBR: "My take is that financial firms are comfortable using the cloud to process sensitive information as long as they have proactive measures to mitigate risks. 100% of the firms storing sensitive data in the cloud use various forms of encryption or tokenisation to protect their data.
"Make no mistake, these firms will not repeat the past missteps with on-premises deployments. They are taking a data-centric approach with cloud – they are proactively identifying and protecting sensitive data before data enters the cloud environment.
"Another interesting thing is seeing how few firms are using searchable encryption for highly sensitive PIIs like SSN and date of birth. Comparatively speaking, searchable encryption is much more commonly used for information that perhaps has a lower sensitivity level like business confidential data and other forms of PIIs.
"Bear in mind that these are some of the largest financial institutions in the world. This finding illustrates how mature the data protection practices are within these firms.
"They are no longer using highly sensitive PIIs to index, search and reference into other records, which ensures they can use the strongest possible protection to secure these highly sensitive data items."
Despite all the fears and the inability for many organisations to have a clear decision making process cloud grows. If the option to not deploy cloud means being left behind by your competition, the risks will always be manageable.
