Looking at Clouds

Ask businesses what their top information technology initiatives are for the coming year and cloud computing is likely to be pretty close to the top of the list.

By Patricia Vowinkel

A recent survey by Gartner found that cloud computing is a priority for many companies and that many are planning to migrate onto the cloud in the next few years.

While just 3 percent of chief information officers surveyed by Gartner said that the majority of their information technology infrastructure currently runs on the cloud or via software-as-a-service technologies, over the next four years that number is expected to increase to 43 percent, according to the 2011 CIO Agenda survey.

Welcome to the 'Big Data' Era (09/15/11)
The Hack Attack Worsens (08/01/11)
Beating Back the Breach (06/01/11)
Finally Going Mobile (09/01/11)
Business as Usual Off the Table (10/01/11)

Companies are being drawn to the cloud in the hope that they can take advantage of economies of scale, reduce capital costs, divest themselves of infrastructure management, and gain the ability to operate more efficiently.

It is all still early stages, but it is here and it's now.

"This is the next phase of computing architecture," said Matthew Gardiner, a director working in CA Technologies' security business unit.

It may be the next phase of computing architecture, but many companies are still wary of the whole thing.

In a recent survey conducted by CSO, CIO and PricewaterhouseCoopers, 62 percent of business and technology executives from around the world said they had little or no confidence in their ability to secure any assets they put in the cloud.

Moving onto the cloud can be a bit like moving into a darkened room, said Scott Chasin, chief technology officer, Content and the Cloud Security, at McAfee and a pioneer in the cloud security industry. After having every detail at their fingertips when they move onto the cloud, businesses lose their information technology security "visibility" or "transparency".

But Chasin sees 2011 as a pivotal year for cloud computing security.

The cloud computing industry recognizes that enterprises have real security concerns.

In addition to improving transparency, cloud providers also will be focused on providing enterprises with greater assurance about the security of their assets.

Some new developments include CloudAudit and Cloud Secure. CloudAudit, an industry organization that formed last year, is developing a common interface to allow for automation of audits and security.

Cloud Secure is a program McAfee launched about a year ago aimed at helping cloud-computing providers and software-as-a-service vendors offer their customers more security assurances.

At the enterprise level, the outsourcing of information technology services is not exactly a new concept, and so many of the security and risk issues are a part and parcel of the information technology challenges enterprises have faced over the past two decades. It is now just a matter of extending existing principles and practices to address cloud security specifically.

Businesses that want to migrate to the cloud should start with low-risk, commoditized data or applications, Gardiner said.

Instead of going out onto the public cloud, a number of businesses are developing their own internally controlled cloud as they try to gain the best of both worlds.

Expect companies to use a blend of approaches, from using public and private clouds to other ex-nimbus solutions.

PATRICIA VOWINKEL has worked for national media outlets for more than 20 years.

March 1, 2011

Newsletter Sign-up