Cloud computing security: no more oxymoron?

Cloud computing security: no more oxymoron?

Summary: It would seem that cloud computing has crossed the Rubicon. Until quite recently, the main objection to cloud computing cited by surveys and anecdotal evidence alike has been the issue of security.

TOPICS: Networking

It would seem that cloud computing has crossed the Rubicon. Until quite recently, the main objection to cloud computing cited by surveys and anecdotal evidence alike has been the issue of security. Where is my data, will it be secure against hackers and hardware failure and can I get it back again have all been highly pertinent and frequently asked questions. I think that's changing.

Cloud computing is of course, primarily about hosting your data somewhere other than your own premises. Yes, I know about private clouds but for the purposes of this discussion, I'm talking about public clouds. And rightly so, before doing that, companies ask the questions above, and more, in order to assure themselves that their single biggest and most precious asset isn't going to disappear on them. There's a couple of pieces of evidence which suggest that this is changing.

First among them is a poll of attendees at a conference of cloud users at an event held by analyst firm STL Partners [disclosure: I write analyst reports for STL]. The poll's results (more here) showed that the first objection to using cloud computing was not security in all its manifestations but internal resistance, and especially a fear of losing jobs.

Second is a survey by technology reseller Insight of 80 CIOs which also showed that security no longer prevented companies using cloud-based services. They also cared about yes, jobs, but also about asset utilisation - ie whether they were getting the best from their existing technologies. Caveat: Insight has a reason for asking the questions it does, and it's unarguably true that the questions you ask determine the answers you get, yet I sense there's some substance there.

What does all this add up to? Maybe not a hill of beans but perhaps a mound. One interpretation is not so much that cloud computing services providers are getting better at security but that their failings (which are common to almost all IT projects and installations) are being discounted.

In other words, it's not that security is any less important. It's just that people have adjusted their expectations in the light of reality and highly publicised breaches and failures, and no longer expect cloud computing to be better at security and reliability than the stuff they already have, they just expect it to be cheaper.

How will this develop? Experience teaches us that if you build a honeypot, hackers will come. And cloud computing services providers are building huge honeypots which they will have to defend so security issues may not get any easier. Reliability on the other hand should improve as the technology becomes more robust and process standards adherence improves.

Is that how you see it? Or will cloud actually improve data security?

Topic: Networking

Manek Dubash

About Manek Dubash

Editor, journalist, analyst, presenter and blogger.

As well as blogging and writing news & features here on ZDNet, I work as a cloud analyst with STL Partners, and write for a number of other news and feature sites.

I also provide research and analysis services, video and audio production, white papers, event photography, voiceovers, event moderation, you name it...

Back story
An IT journalist for 25+ years, I worked for Ziff-Davis UK for almost 10 years on PC Magazine, reaching editor-in-chief. Before that, I worked for a number of other business & technology publications and was published in national and international titles.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Your comments would seem pretty naive and immature. Your 'solution' appears to be, "gee, let's all just give in to the hackers and give them whatever they wan't". Anyone with anything more than trivial to do or store will hardly subscribe to that mantra, meaning those you interviewed were not really in any kind of serious, high-stakes business.

    You will be able to tell that your subject is NOT an oxymoron when serious government classified data is stored in the cloud. And on that day, hell will, in a word, become much cooler.