Recent studies on cloud technology and its perceptions in the market reveal concerns over accountability for security in the cloud, poorly communicated cloud strategies, and confusion over what the approach to cloud really means.
A study from IDG Research, underwritten by Datalink and Insight, found that most organizations do not have a clearly documented and communicated cloud strategy, and don’t have the solid foundation needed for IT transformation efforts. The study found that only 28 percent of surveyed organizations have a clearly documented and communicated cloud strategy. While 48 percent have documented their cloud strategy, they have not communicated it to their staffs.
“Many cloud deployments have proceeded without a clear understanding of the impact on cost, management and other factors,” the survey notes.
Additionally, the survey brings up the issue of cloud-first strategies, which are the subject of current debate in the Federal IT community. While 75 percent of organizations claim to have a cloud-first approach, confusion still exists around the term. For 45 percent of organizations, cloud-first means cloud-only, while for 30 percent of surveyed organizations, cloud-first means a more nuanced, hybrid cloud approach.
The IDG survey also found that data security is seen as one of the main advantages of cloud–a sentiment that is echoed by a separate study from the Cloud Security Alliance on organizations moving enterprise resource planning (ERP) applications to the cloud.
However, the responsibility for cloud security is a murky topic; 60 percent of those surveyed say the cloud service provider is responsible for a breach, but 77 percent feel the responsibility to secure applications is on their own organizations.
“This perception gap shows that organizations need to take more ownership of their business-critical applications while migrating them to the cloud,” the Cloud Security Alliance said.