Despite Security Concerns, Study Finds That Cloud Platforms Deserve Trust
How much trust should organizations be putting in their cloud platforms and applications? Plenty, according to a Google-sponsored study called Trust in cloud technology and business performance: Reaping benefits from the cloud. The study found that enterprises that trust cloud computing apps and platforms to transform their businesses beyond cost cutting gain from significant revenue growth.
The study also found that 38% of enterprise IT organizations have adopted cloud computing, projected to increase to 45% by 2019. Here are more details.
According to study findings, enterprises with very high trust in the cloud cite a 9.1% profit rise versus 1% by the low-trust group. Still, though, concerns over security, regulatory and compliance issues, and inability to integrate with existing on-premise systems are the three primary barriers hold back cloud computing adoption in enterprises today, according to the study.
On that front, The Cloud Security Alliance has put together a list of the nine most prevalent and serious security threats in cloud computing. Many of them relate in one way or another to the weaknesses implicit in Shadow IT. The report was released in February and cites data breaches, data loss, insecure APIs and other points of concern related to cloud computing platforms.
The Cloud Security Alliance (CSA) has also formed a Cloud Security Open API Working Group to jointly define protocols and best practices for implementing cloud data security.
According to the announcement post:
"The Cloud Security Open API Working Group will provide guidance on vendor-neutral data-security implementation to help accelerate cloud services adoption. Collaboration on these guidelines will also further accelerate security integrations across multiple clouds and with third-party technologies. This initiative will enable enterprises to leverage standards-based APIs to protect data via encryption, tokenization and other technologies across cloud environments, helping eliminate the need for custom integration for each cloud. The working group plans to produce API specifications and a reference architecture to guide cloud data protection.