As cloud service providers mature, and expand and refine their offerings, it is increasingly difficult for many organizations not to at least consider moving certain functions to the cloud. Cost-reduction opportunities, scalability, flexibility and elasticity are just some of the potential benefits of such a move. However, companies looking to shift their information technology (IT) assets to a cloud model (public, private or hybrid) often are not fully informed, or simply are unaware, of the range of risks and limitations of cloud computing.
Most organizations do have security concerns about the cloud. Leadership, especially from IT, may worry that data will be less safe if hosted by a third party, instead of internally or in a “steel cage” by a local co-location provider. The fear of losing control of and visibility into IT systems is a key reason why many organizations decide to delay or cancel cloud conversions, particularly large commitments to the cloud.
Companies looking to derive benefits from embracing cloud services – including Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) – must thoroughly consider what will, and will not be, hosted by a cloud provider. Security risks and exposures do increase in the cloud environment. Additionally, there is an established precedent that cloud providers will not assume responsibility for protecting your organization’s data.