The Snowden effect: How it's still denting business confidence in cloud security

Signs were that security was beginning to recede as an obstacle to cloud adoption. That was until Edward Snowden's revelations about NSA's PRISM data-mining activities.

Special Feature

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices that technology leaders can put to good use.

Read More

After falling in 2013, concerns about cloud security and data privacy jumped upwards again this year — even though cloud-related breaches remain rare for most businesses.

For the past four years, security has been glued to the top of the list of businesses' concerns about adopting cloud services. But it fell from being cited by two-thirds of senior IT decision makers in 2012 to 57 percent last year, according to research from the Cloud Industry Forum. However, this year it was back up to 61 percent.

Concerns about data privacy — in second place after security — also rose again, from 51 percent in 2013 to 54 percent this year. The third-placed concern, data sovereignty, followed the same pattern, rising from being cited by 26 percent of respondents in 2013 to 28 percent now.

"Businesses are right to be concerned about their data, but this applies as much to cloud environments as to on-premise," CIF chief executive Alex Hinton said in a statement.

His organisation, set up in 2009 by the Federation against Software Theft, is a non-profit body that champions the adoption of cloud services.

Despite high levels of concern about data security, only two percent of respondents who use the cloud reported ever having experienced a breach when using a cloud service.

"This should be seen as a solid reinforcement that the fear of a security issue is more exaggerated than the reality of incidents," the report said.

The CIF research using 250 respondents has been conducted for the past four years among UK senior IT staff and business executives. This time it addressed in part the impact on the cloud of the revelations by former NSA contractor Edward Snowden about the secret PRISM mass data-mining project.

When specifically asked about keeping corporate data in the cloud in light of the publicity over Snowden, 59 percent of the respondents expressed concern ranging from mild to extreme.

In fact, a third of them said the revelations had changed the way they secure information, with 17 percent changing where they put data and almost one in 10 changing cloud provider as a result of the Snowden affair.

The report's authors said: "Security continues to be the nagging doubt in the mind of the customer impacted by the rumblings around international data protection and sovereignty and the public playing out of issues like the PRISM debacle.

"It is not however preventing cloud adoption but the perceived issued needs to be countered. It should be stressed it is about managing perceptions rather than an evidenced risk."

More on cloud and Snowden

Show Comments