Cloud security: Problems may lie closer to home

Last-mile issues should also be the focus for CIOs, not just factors in the cloud...

Lock-in, data security, compliance and lack of control all feature on CIOs' lists of cloud issues, but bigger problems may be sitting on their doorstep, says Mark Samuels.

The biggest inhibitors to the cloud are well known and usually include issues such as data security, regulatory compliance and vendor lock-in. These barriers usually involve external factors, including the stability of suppliers and the influence of regulatory bodies.

Such concerns are crucial, but is there too much focus on external factors at the expense of internal processes? Are CIOs worrying too much about on-demand factors beyond their control and not paying enough attention to the last mile of the network?

IT leaders can spend time and money establishing strong partnerships with suppliers that meet tight demands on information security and data access. But any agreement with external partners, and the potential to use technology on demand, is only as valuable as the supporting internal structure.

It seems CIOs are far more concerned about external issues in the cloud than the supporting internal structures

It seems CIOs are far more concerned about external issues in the cloud than the supporting internal structures
Photo: Shutterstock

Most critical of all is an online connection. If your organisation moves to the cloud, your workers will need to know hosted applications and information will always be available. As such, the last mile of the network is crucial.

High-speed broadband stumbling point

Support comes from Quest Software CTO Joe Baguley, who suggests any attempt to establish the cloud will fail without high-speed broadband connectivity - and that could be a significant stumbling point. "We still don't have decent ubiquitous internet access," he said. "Senior executives still need to think about a disconnected operation."

It is a moot point. Having recently sat through a two-hour roundtable discussion on the cloud, and having not heard a single mention of network concerns, it would appear that CIOs are far more concerned about the external issues of information security and regulatory compliance. That lack of awareness must be addressed.

"From a corporate perspective, if you switch to cloud services, you will more than likely have to beef up all your office connections to the internet, as a lot of traffic that previously would have been staying inside the firewall to internal apps will now need to flow across it to your external cloud providers," explained Baguley.

Going online, then, poses a particular concern for the business. And as with security issues associated with the cloud, the preparedness of CIOs to rely on the last mile of the network is directly related to the propensity of the business to deal with risk.

Cloud risks and business needs

Robert Thorogood, CTO at engineering consultancy Hurleypalmerflatt, said IT leaders must think about business needs and the cost associated to risk. "The question should always be about the effect on the organisation if hardware or software goes down," he said.

"Different businesses can stomach different amounts of risk. For a financial firm, the potential exposure from dropping a trade - both in terms of loss and regulatory concerns - is huge. Any CIO has to understand the risk of losing operations."

Once that risk is understood, CIOs can begin to take a serious look at the cloud. While still an emerging area of technology provision, on-demand computing has the potential to...