Cloud security: Fear takes a backseat

Despite the commonly stated desire to have secure cloud services, a recent study shows that many enterprises push ahead

Hey, guess what? A recent study from the Ponemon Institute research firm discovered that organizations "not only don't have a handle on important aspects of cloud security -- they are also well aware of this." That sure seems to contradict the frequently stated concerns from CIOs, business execs, and others over the security of the cloud.

Here's the reality: More than half of respondents to the survey (52 percent) rated their organization's overall management of cloud server security as fair (27 percent) or poor (25 percent). Another 21 percent didn't have any comment on their ability to secure their cloud servers, while 42 percent expressed concern that they wouldn't know if their organizations' applications or data was compromised by an open port on a server in a cloud, according to the Ponemon study.

[ Get the no-nonsense explanations and advice you need to take real advantage of cloud computing in InfoWorld editors' 21-page Cloud Computing Deep Dive PDF special report. | Stay up on the cloud with InfoWorld's Cloud Computing Report newsletter. ]

At the same time, it's clear that cloud adoption has been accelerating, as the tire-kicking phase gives way to an adoption phase. We're adopting cloud computing like crazy, and security is more of an afterthought that the business knows about and accepts.

Interesting -- but not surprising.

This is the normal adoption process for new technology. We've seen this with every hyped technology wave, such as client/server, distributed objects, EAI, and the Web. Despite what we say, in practice we ignore the need for security and take the risk to get the initial instances of the technology up and running. Cloud computing is no different, even though the risks of not having a sound security strategy are much greater in cloud computing.

Under these circumstances, what should you do? For starters, pay attention to security when you define, design, and deploy a cloud computing system. Will the use of security delay deployment? Yes, a bit. However, you'll go much slower if your critical business data is hacked because you put few (if any) protections around it. You might also be out of a job. Even rudimentary security measures such as encryption go a long way.

Cloud computing is good, but proceed with at least a little caution.

This article, "Cloud security: Fear takes a backseat," originally appeared at Read more of David Linthicum's Cloud Computing blog and track the latest developments in cloud computing at For the latest business technology news, follow on Twitter.

Copyright © 2011 IDG Communications, Inc.

How to choose a low-code development platform