Companies are on the path to cloud adoption. According to a recent report, 28% of U.S. organizations are using cloud computing today, with 73% reporting their first step was implementation of a single cloud application. Yet while 84% of organizations say they have employed at least one cloud application, most do not yet self-identify as "cloud users" who are "implementing or maintaining cloud computing."
Why not? Aren't they using the cloud? Perhaps it depends on your definition. There are countless definitions of "cloud computing" currently in use as the technology continues to grow in popularity. For this article, we define cloud computing as a model for enabling convenient, on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be provisioned rapidly. With that definition in mind, let's look at adoption.
CDW's Cloud Computing Tracking Poll found that organizations are moving applications to the cloud to consolidate their IT infrastructure, reduce IT energy and capital costs and provide anywhere access to documents and applications. Applications most commonly operated in the cloud in 2011 were commodity applications -- including email, file storage, Web and video conferencing and online learning.
One of the key reasons many companies use the cloud for commodity applications is because they assume a cloud provider's security is robust enough for these non-critical applications. However, organizations say they are moving to the cloud very carefully and selectively, in part because of security concerns. Why? Because cloud computing represents a significant shift in how computing resources are provided and managed. Many organizations wonder how secure data stored in the cloud can be, and some hesitate to give up the control that comes with in-house computing resources. Because of this, many organizations are holding back when it comes to moving more critical data to the cloud, despite attractive benefits.
Security concerns tied to cloud computing are clear, but tangible efforts to protect data in the cloud are often lacking in spite of these concerns. Many cloud users miss key opportunities to secure data in the cloud by not taking advantage of all available security features and/or not taking steps to verify their cloud provider's security.
While it is true that certain security functions may be out of a cloud customer's hands, CDW's poll found that only 54% of respondents encrypt data in transit, only 50% manage employee access to cloud applications, and only 44% require password changes every 90 days. These are basic security best practices that cloud users must adhere to. The ideal approach involves recognizing that the security measures you take in a traditional environment are in many ways the exact same measures you should take in a cloud environment.
Sign up for CIO Asia eNewsletters.