- Concerns over security are so high they break down into sub-concerns, each of which carries enough worry to make it a primary obstacle all by itself:
- 58 percent worry about mass malware outbreaks at a cloud provider's facility;
- 57 percent worry the provider will be hacked;
- 57 percent worry insiders will share data that's (technically) already outside the company, in a cloud;
- 56 percent worry rogue cloud systems hired by business-unit managers will cause a breach in the primary corporate apps;
- 56 percent worry using an external provider will allow data leaks between different customers inhabiting the same cloud;
- 55 percent worry about DDOS attacks on the provider;
- 54 percent worry about a complete loss of data for a court case;
- 52 percent worry about not being able to recover data for a court case (IT is now officially too worried about lawsuits and e-discovery; see accompanying post for a little appropriate whining about that)
- 52 percent worry cloud systems won't meet the requirements for regulatory compliance audits.
That's a lot of very specific worry about something that's supposed to resolve IT concerns about data and security, not add to them.
Why is security still such a mystery and such a concern?
Security has been the No. 1 concern about the cloud since the term first migrated from the oversimplified-presentation palate of telcos to the artificially overcomplicating presentation palates of tech consultancies.
Security is the reason cited most often for a migration speed so slow that three years after the idea of external, public-cloud computing took over the computing world (or at least its hype cycle) only a third of companies have made significant progress on their goals to adopt it.
- According to Symantec's data:
- between 11 percent and 19 percent of companies polled may be thinking about cloud, but haven't done anything about it;
- 19 percent to 25 percent aren't even considering doing anything;
- 19 percent to 20 percent are in discussion or planning phases;
- only 34 percent are either in trials or actively implementing cloud.
That's not a big percentage for something that takes up so much of the hype-consumption capacity among end-user companies. Vendors still seem puzzled about why adoption is so slow and methodical, aside from how fundamental the change is from concepts of computing based on the physical location of servers compared to virtualized-everything-computing.