rvlsoft - Fotolia

Business needs education in cloud value and security, study shows

Improved trust and security are critical to encouraging continued adoption of the cloud, an Intel Security report shows

Cloud providers need to educate businesses, governments and consumers about the value of cloud and how to secure it, according to a report by Intel Security.

While a majority (77%) of organisations trust cloud computing more than a year ago, just 13% trust public cloud providers to secure sensitive data, according to the report based on a poll of 1,200 IT decision makers worldwide.

These findings highlight that improved trust and security are critical to encouraging continued adoption of the cloud, the report said.

“This is a new era for cloud providers. We are at the tipping point of investment and adoption, expanding rapidly as trust in cloud computing and cloud providers grows,” said Raj Samani, European chief technology officer for Intel Security.

“As we enter a phase of wide-scale adoption of cloud computing to support critical applications and services, the question of trust in the cloud becomes imperative. This will become integral into realising the benefits that cloud computing can truly offer,” he said.

According to the report, the cloud already has a strong impact in the daily lives of many people and businesses, with an ever-growing number of activities performed on digital devices leveraging cloud computing in some way.

The increasing use of the cloud is underscored by the survey, which found that 80% of respondents’ IT budgets will be dedicated to cloud computing in the next 16 months. 

This transition, the report said, means that the skills of technology professionals working in the affected companies will have to evolve significantly, and that the level of trust in the cloud will have to improve through increased transparency.

Cloud investment trends

A majority of organisations (81%) are planning on investing in infrastructure-as-a-service (IaaS), the survey found, closely followed by security-as-a-service (79%), platform as a service (69%), and software as a service (60%).

Security and compliance

A majority of respondents (72%) list compliance as the primary concern across all types of cloud deployments, and only 13% of respondents noted knowing whether or not their organisations stored sensitive data in the cloud.

More than 1 in 5 respondents expressed their main concern around using software as service (SaaS) is having a data security incident. Correspondingly, data breaches were a top concern for infrastructure as a service and private clouds.

However, the survey found that less than a quarter of enterprises are aware of data breaches with their cloud service providers.

The C-Suite blind spot

High-profile data breaches with major financial and reputational consequences have made data security a top-of-mind concern for C-level executives, the survey found. However, many respondents said there is still a need for more education and increased awareness and understanding of risks associated with storing sensitive data in the cloud.

Only a third of respondents feel senior management in their organisation fully understand the security implications of the cloud.

Shadow IT, risk and opportunity

Despite IT departments’ activity to eliminate shadow IT activity, 52% of the lines of business still expect IT to secure their unauthorised department-sourced cloud services.

This lack of visibility into cloud usage due to shadow IT appears to be causing IT departments concern when it comes to security, with 58% of respondents surveyed by the Sans Institute in Orchestrating Security in the Cloud noting that shadow IT has a negative impact on their ability to keep cloud services secure.

Security investment

Cloud security investment varies in priorities across the different types of cloud deployment, with the top security technologies used by respondents being email protection (43%), Web protection (41%), anti-malware (38%), firewall (37%), encryption and key management (34%) and data loss prevention (31%).

“The cloud is the future for businesses, governments and consumers,” said Jim Reavis, chief executive officer of the Cloud Security Alliance.

“Security suppliers and cloud providers must arm customers with education and tools and cultivate strong relationships built on trust to continue the adoption of cloud computing platforms. Only then can we completely benefit from the advantages of the cloud,” he said.

As reliance on cloud computing platforms grows, Reavis said there is an opportunity to raise the level of trust in alignment with the expectations of enterprises and consumers.

“The CSA, a volunteer-led organisation and a leader in technical research, extends an invitation to organisations and their constituents to participate in and lead this transformational change,” he said.

Read more about cloud security

Read more on Cloud security