Cloud security remains a barrier for CIOs across Europe

Security issues are the main factor limiting the further use of cloud computing services, according to a study by Eurostat

Security issues are the main factor limiting the further use of cloud computing services, research from Eurostat has found.

In a survey conducted by the European Commission’s Eurostat statistics service, public cloud computing was reportedly used by 24% of large enterprises and 12% of small and medium-sized enterprises (SMEs) in the EU.

However, the survey noted that the risk of a security breach scored highest both for large enterprises and SMEs, at 57% and 38% respectively.

"Firms attach importance to the protection of their IT systems, but the issue can be seen in the wider context of resilience to possible security breaches when using the cloud," the Eurostat report stated. 

"Service providers would be expected to take all possible steps to establish, and transparently apply, procedures relating to possible breaches of the security of systems and services intended for their clients," the report continued.

Data sovereignty concerns

The organisations surveyed were also concerned about data sovereignty. 

Cloud services are often hosted in one country and consumed in others. Service providers may use datacentres scattered around the globe, hence enterprises using the cloud may feel uncertain of the location of their data. In addition, there may be issues of legal jurisdiction in the event of dispute and uncertainty about the applicable law. 

Both factors were reported as limiting the use of cloud computing, particularly for large enterprises already using the cloud.

The report suggested that the risk of a security breach may be more than simply a technical issue, pointing out that it could be a matter of service providers’ liability and accountability.

Cloud management skills need further development

Lack of relevant skills may also be hampering the take-up of cloud computing. 

The report stated: “The use of cloud computing services may require specific ICT management skills, particularly to evaluate need and use management tools to gauge consumption of IT resources accurately. Therefore, insufficient knowledge or expertise may limit the take-up of cloud computing.”

The survey found that 66% of enterprises using cloud were running cloud e-mail, 53% were using cloud to store files in electronic form, 39% were hosting their database in the cloud and 34% were using cloud-based software.

Commenting on the findings, Luke Scanlon, a lawyer at Pinsent Masons, warned that one of the areas businesses needed to address was data control. 

“If there are any issues with storing intellectual property, the business needs to focus on segregating data,” he said. 

Rather than applying data rules to all datasets, Scanlon suggested that data deemed less business-critical should be categorised as such and offloaded to the cloud.

In a recent study, analyst firm Gartner found that 44% of respondents, surveyed in 10 countries, cited overall cost reductions as the main reason for investing in cloud services.

Gartner said businesses had moved on from the small pilot phase of cloud adoption to transferring mission-critical work to the cloud.

Read more on Cloud security