The most compelling reason for any business to look towards the cloud is cost, with security and privacy usually way down the list. Whether or not a business opts for a public or private cloud depends on what companies are willing to spend.
Followed by cost are usually concerns around availability. Businesses typically opt for a private cloud scenario where they want tighter controls around service level agreements and uptime guarantees, as typically public cloud arrangements cannot offer the five or six nines that larger businesses mandate.
Once business executives have made up their mind how much they are willing to spend and what service levels are acceptable, they will either just go ahead and purchase a cloud solution or, if in a good mood, might run it by their chief information security officer (CISO).
- Security Think Tank: Cloud is not that different
- Security Think Tank: A pragmatic and practical guide to secure hybrid clouds
- Security Think Tank: Before cloud, engage with asset owners
- Security Think Tank: Striking the hybrid cloud balance
- Security Think Tank: Balancing cloud risk and reward
- Security Think Tank: Choose public or private cloud with a clear head
- Security Think Tank: UK firms still not entirely comfortable with cloud
It has to be said that most CISOs get somewhat annoyed about being left out of the loop and having to make snap decisions on whether or not businesses should really be venturing into the cloud, especially at the last minute.
In terms of security and privacy for deciding whether public or private cloud is more appropriate, the best approach is for businesses to involve their CISOs at a very early stage so that the time and effort put into researching the best possible cost and availability options is not wasted and that businesses make a sound, balanced decision that embraces cost, availability and security.
With regards privacy, engaging a cloud provider means giving a third party your data. If your data is really that sensitive and you are selling nuclear missile components, then please do not put your blueprints in the cloud.
This was first published in February 2014