Cloud computing is challenging traditional IT security, but could be a key element in enabling a security policy to meet modern threats, says Eric Domage, research manager at IDC EMEA.
Organisations should take time to anticipate the security opportunities brought by cloud computing, he told attendees at the IDC Security Conference 2010 in London.
Combined with more careful security technology investments, and analysis and management of compliance requirements, cloud computing could enable the adaptive security policy modern businesses need, said Domage.
The need for such a policy, he said, is greater than ever before as cloud computing enables anyone in a business to access IT resource.
Users do not need the IT department to access IT resources, but can do it without IT departments having any idea it is happening, said Domage.
With 18% of UK companies considering cloud computing, 17% evaluating it, and 15% already using it to some degree, cloud computing is a reality IT security managers need to face, he said.
According to IDC research, cost saving is the overall biggest motivation - chief information officers are looking to public and private clouds.
The pay-per-use model is the most attractive (44%), followed by infrastructure cost savings (40%), fast deployment (40%) and lower cost of ownership (35%).
The IT security officer is typically caught in the middle of compliance, flexibility and cost challenges that only an adaptive security policy can meet, said Domage.
Businesses should not ignore the potential of cloud to help in enabling adaptive security, and should look to cloud for the new opportunities it can bring.