1. What are the underlying reasons that (some) businesses still view the cloud as insecure, and are these reasons valid?
The cloud is as safe as the security measures used to protect it. In some cases, perceptions that cloud computing does not offer adequate levels of protection have been blown out of proportion. In part, these views are driven by recent high-profile security breaches, which have only strengthened the resolve of cloud providers to introduce the highest possible security measures. Security threats cannot be eliminated in their entirety, but cloud computing per se has been made far more secure by introducing a combination of preventative network measures, like IP security protocols, and features to protect the user’s account, like multi-factor authentication. Sometimes businesses are not aware of massive developments in cloud security that have happened over the last couple of years. These include massive improvements in underlying technologies, large investments in security procedures etc.
2. Are these reasons industry specific, and if so how do they vary from industry to industry?
Most online activities involve accessing the cloud, including logging into e-banking or e-commerce accounts. It’s important that all cloud services have stringent security measures in place to protect user data, but this is even more important when user data is financial in nature. It’s for this reason that the financial and retail industries are at the forefront of online security, and have spearheaded the introduction of new security standards like PCI DSS.
3. How to best mitigate risk when migrating to the cloud?
Introducing security measures for the cloud network but not offering adequate protection for a user’s account is like building a perimeter fence but leaving the front door open. It’s essential that cloud security include all available methods, such as mobile devices through the introduction of multi-factor authentication. When choosing the best method for implementing multi-factor authentication, it’s important to assess the reliability and security of a third party, helping choose between a hardware solution and a mobile solution, such as SMS-based two-factor authentication.
4. Are there any alternatives to the cloud which are more secure, and can still compete in terms of cost?
The fact that online storage providers, popular consumer applications and infrastructure services have all moved to the cloud illustrates the impact it’s had on contemporary computing. There’s no turning back now, the cloud is here to stay, for both consumer and corporate use.
Cost and complexity are considerable factors behind this. Corporate alternatives to cloud computing require significant technical know-how to deploy. These alternative networks are a form of cloud computing, only proprietary and custom-made, which makes them expensive to run.