Study: Cloud providers and users differ about security
A study conducted by the Ponemon Institute, an independent research firm that specializes in information and data security, suggests there may be significant differences of opinion between users and vendors when it comes to cloud computing security.
A recent study conducted by the Ponemon Institute, an independent research firm that specializes in information and data security, suggests there may be significant differences of opinion between users and vendors when it comes to cloud computing security.
The study, entitled Security of Cloud Computing Providers, surveyed 103 cloud computing service providers in the U.S. and another 24 in six European countries. It found that many cloud providers do not view cloud computing security as a competitive advantage in their field. Fewer than 20 percent of cloud providers surveyed indicated they view security as a competitive advantage, while less than 30 percent said they see security as an important responsibility.
Fewer than 27 percent of respondents said they believe their cloud offerings substantially protect customers' information and data.
These results may indicate a significant difference of opinion between many providers and their customers. According to the study, approximately 69 percent of cloud vendors believe that security is primarily the responsibility of cloud users.
Among the cloud users surveyed, meanwhile, just 35 percent said they consider cloud computing security their own responsibility. Similarly, while 16 percent of cloud providers indicated they feel security is a joint responsibility, approximately 33 percent of users feel this way.
Larry Ponemon, chairman and founder of the Ponemon Institute, said the differences of opinion may eventually lead cloud users to pressure vendors to change their priorities. "Given the well-publicized concerns about the potential risks to organizations' sensitive and confidential information in the cloud, we believe it is only a matter of time until users of cloud computing solutions will demand enhanced security systems," Ponemon said. "However, until this happens, users of cloud computing should be aware of their responsibility to assess the risks before migrating to the cloud."
Cloud computing security may become even more important as companies rely on the cloud for a growing proportion of their infrastructure. According to a recent Gartner study, the global IaaS market is expected to reach $10.5 billion by 2014.