Cloud-Based Services: Perceived Vulnerability of Sensitive Data a Drag on Adoption in Europe

By October 24, 2013
cloud security

Adoption of Cloud-based services is becoming widespread, but nearly half of all European companies recently polled are still reluctant to use them, mainly due to data security concerns that they feel have not yet been sufficiently addressed.

Well over half (57%) of the IT departments at 300 European companies polled recently for a report by UK-based research and analysis company Quocirca stated that they use the Cloud, either on a case-by-case basis, or as part of general company policy. These firms reckon that using Cloud-based services helps to boost their competitiveness, improving both productivity and collaboration, for a much lower cost than on-the-premises solutions or other services that could deliver similar benefits. The report entitled ‘The adoption of cloud-based services: Increasing confidence through effective security’, compiled on behalf of US IT management solutions firm CA Technologies following a survey among IT directors in eight European countries or regions, reveals reasons why some organisations are reluctant to adopt these services. First and foremost the figures show that slightly less than half (43%) of the respondents are still wary of using the Cloud, 23% of the companies being categorised in the report as ‘avoiders’, and the 3% who said they proactively block the use of Cloud services in all areas described as ‘blockers’.


Doubts over ability to provide security


The prospect of sending highly confidential data to the Cloud, even with secure access arrangements – whether as part of a formal approach decided on by the IT department or on an informal basis, i.e. at a personal or departmental level – still raises major fears among European firms considering using these services. Around 50% of the cautious firms point to the risks around intellectual property and patents or raise issues vis-à-vis the security of personally identifiable data, while 39% fear loss or careless handling of data if they decide to store highly confidential information in the Cloud. However, Quocirca identified no general rejection of the Cloud approach here. Close to 80% of the ‘avoiders’ stated that the problem is a lack of resources to provide security, while 65% said they simply lack the necessary skills at the company. So Cloud-avoidance appears to stem more from a lack of tools to help manage a company’s use of the Cloud than from any genuine reluctance regarding the tool itself.


Security the primary concern for both avoiders and enthusiasts


The ‘avoiders’ justify their stance by pointing to general concerns over data protection. However those firms that do use the Cloud on a regular basis express exactly the same concerns. The report underlines that what is most important is how those security concerns are addressed in practice. The overwhelming majority of what the report calls ‘Cloud enthusiasts’ have developed dedicated security systems using identity and access management (IAM) upstream of the service. Close to 70% of the ‘enthusiasts’ have implemented a Software-as-a-Service (SaaS) approach which in itself helps to boost the efficiency of Single Sign-On (SSO) access control – which enables user access to all related systems via a single logon. The findings show that while the Cloud is now enjoying a high profile in terms of individual use, if companies and organisations are to move systematically to the Cloud they will need not only to improve their security systems but also to clarify and gain a better understanding of the various options available for protecting stored data.


Legal mentions © L’Atelier BNP Paribas