Ads by TechWords

See your link here
Receive the latest technology news and information.
Networking
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Cloud security fears called overblown, 'emotional' at IDC forum

IDC expects spending on cloud services to almost triple by 2012

February 18, 2009 12:00 PM ET

IDG News Service - It may sound like heresy to say it, but it's possible to worry a little too much about security in cloud computing environments, speakers at IDC's Cloud Computing Forum said on Wednesday.

Security is the No. 1 concern cited by IT managers when they think about cloud deployments, followed by performance, availability and the ability to integrate cloud services with in-house IT, according to IDC's research.

Keeping data secure is critical, of course, but companies need to be realistic about the level of security they achieve inside their own business, and how that might compare to a cloud provider such as Amazon Web Services or Salesforce.com, forum speakers said.

"I think a lot of security objections to the cloud are emotional in nature, it's reflexive," said Joseph Tobolski, director for cloud computing at Accenture. "Some people create a list of requirements for security in the cloud that they don't even have for their own data center."

That was the experience of Doug Menefee, CIO at Schumacher Group, which provides emergency-room management services to hospitals. The company is in the midst of a project to migrate most of its applications to hosted, cloud-based services.

"My IT department came to me with a list of 100 security requirements and I thought, 'Wait a minute, we don't even have most of that in our own data center,'" he said in an interview at the forum.

Schumacher Group takes security seriously, Menefee said, but as a midsize company with only three IT staff working full time on security, he trusts large cloud providers to do it better. "We get the same level of security with Salesforce.com as any large company using that service," he said. "I'm using the economies of scale."

Schumacher Group stores sensitive data only with providers that comply with the U.S. Health Insurance Portability and Accountability Act (HIPAA), Menefee said. He recently started a project to deploy Google's online productivity tools, but Google is not HIPAA-certified, "so no patient data gets stored there," he said.

He also noted that Schumacher Group is not a publicly traded company, and its legal requirements for security are less complex than for public entities. Some large enterprises, especially in areas like finance, will have greater concerns about security, noted Jean Bozman, an analyst at IDC.

Still, one audience member, admitting that the idea was "counterintuitive," said security concerns may actually drive companies into the cloud.

"It is becoming almost impossible today to secure the enterprise, the cost and complexity are moving so fast," he said. "If you go to the RSA [security] conference, the major vendors will tell you every year that their next release will solve all these security problems that you have today. But they never do."


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

cloud computing

Additional Resources

Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

White Papers & Webcasts

Moving Beyond Monolithic White Paper
What's next for enterprise application architecture? Learn Now.  

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

The ROI of Software-As-A-Service - Forrester Research
Learn if SaaS has a long-term value. Read now.  

The Workday User Interface White Paper
Read how Workday re-invents the user experience in enterprise applications.  

The Value of Real SaaS at Workday
Download this short video! Provided by Workday

Integration On-Demand White Paper
Solve your enterprise systems integration problems now. Read this whitepaper.  

Top HPC Use Cases in Life Sciences
Learn from the experts how best to apply cutting edge high-performance computing techniques a life sciences environment.

The Continuous Innovation of SaaS - Jason Corsello, Knowledge Infusion
The next generation ERP systems have arrived. Learn more now.  

Disaster Recovery & Cost Savings Zone
Thousands of customers world-wide have turned to virtualization solutions from Riverbed as a way to reduce costs.



IT Jobs