Assess Security of Cloud Computing Apps

New research finds that while cloud computing services are being widely adopted, more than 50 percent of IT professionals surveyed say their organization isn’t aware of all the cloud services employees are using — and few were evaluated for security before use.

The rapid-fire adoption of cloud computing might offer real advantages for small and mid-size businesses, but it also carries significant risks.

Too often, organizations simply aren’t keeping up with the cloud services their employees are using, according to recent research by the Ponemon Institute, an independent think tank focused on privacy and data security, and CA, Inc., an IT solutions provider. More than half of the IT personnel surveyed in the May study said their organization isn’t aware of all the cloud services employees have deployed, and less than half said that cloud services are evaluated for security before use.

“I think it shows a potential security meltdown in using cloud computing,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “The IT people and the security people are miles away from the users who are deploying these applications and these technologies.”

A boon to small businesses

Cloud solutions offer “revolutionary potential” for small and mid-size businesses, says Mark White, chief technology officer for Deloitte Consulting LPP’s Technology practice. Flexibility when it comes to contracts, pricing, scale and demand enables small businesses to take on larger competitors.

“The cloud is a real boon to small business. The cloud can be a disruptive force that can help small businesses punch bigger than their size,” says Charles Babcock, author of Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can’t Afford to Be Left Behind (McGraw-Hill, 2010). “The cloud overturns the established way of doing things.”

A cloud checklist

Understanding how your employees are deploying cloud computing and establishing some sense of control are critical to managing security risks, say experts. Consider taking these steps to get a handle on your cloud computing presence:

  • Conduct a cloud inventory. Evaluate all activity your organization is conducting in the cloud. It’s not just a matter of cataloging cloud services embraced by your IT department or at an enterprise level, cautions Babcock. Just because you haven’t embraced cloud computing doesn’t mean your employees aren’t working in the cloud.  White often has conversations with CIOs who tell him their organizations don’t use cloud computing, only to find the company’s employees are doing so. Quite often, end users look to get their job done in the easiest way possible. “For employees, some enterprise issues of standardization, information privacy and security may not be at the top of their list,” White says. Be aware that employees might be reluctant to reveal what they’re doing in the cloud if they know they’re violating company policy or taking risks.
  • Become the preferred storefront. Making sure your employees go through your IT department gives you a tighter control on security. “Understand those services your organization might want or benefit from, subscribing to the public cloud,” says White. “Build a services catalog so it’s easier for them to come to you to get that service fulfilled.”
  • Establish a cloud computing policy. Management, IT, and end users should have an understanding of when it’s appropriate to work in the cloud. In the Ponemon survey, 68 percent of IT professionals thought cloud computing is too risky for financial information and intellectual property. In some instances, your company may be in violation of government regulations if certain data is sent out to the cloud. Sensitive information such as employee personnel records, social security numbers and medical information could be at risk in the cloud. “When you send your data to the cloud, you don’t know exactly where it’s going,” cautions Babcock. “It’s not a very good defense for the CIO to stand up in court and say, ‘I had no idea where the data was.'”
  • Vet cloud service providers. Eventually, cloud service providers will likely be able to provide some third-party authentication of security practices, predicts Ponemon.  Meanwhile, it’s up to you to properly vet the cloud providers your company uses. While the emphasis has generally been on cost, you should be asking questions about the co-mingling of data, the security of data centers and whether cloud service providers conduct background checks of employees. “The cloud service provider should be a close and trusted business partner,” Babcock says. “If you don’t feel that way with the cloud vendor you’re talking to, you probably need to go back to the drawing board and find someone you can trust.”

Although cloud computing might pose something of a “security minefield” right now, businesses have little choice but to catch up with the technologies their employees are embracing, says Ponemon. “We’re not going to stop the train. It’s going pretty fast here,” he says. “We know cloud computing is the future. If you’re not doing it, you’re going to be left behind. We have to figure out what to do with the risks we’ve already created.”

Full Source:

Follow Us!


Established in 2009, is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

8 Responses to Assess Security of Cloud Computing Apps

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth The Internet of Things is the latest term to describe the interconnectivity of all our devices and home appliances. The goal of the internet of things is to create universal applications that are connected to all of the lights, TVs, door locks, air conditioning, and…

The Business Benefits of Cloud CRM

The Business Benefits of Cloud CRM

The Business Benefits of Cloud CRM From software deployment, to mobility, to wearable technology, cloud computing has transformed seemingly every aspect of modern business. Research indicates cloud applications and platforms will be at the forefront of IT spending by 2016, with half of all enterprises implementing cloud solutions by 2017. One of the quickest markets…

Cloud Infographic – The Future (IoT)

Cloud Infographic – The Future (IoT)

The Future (IoT) By the year 2020, it is being predicted that 40 to 80 billion connected devices will be in use. The Internet of Things or IoT will transform your business and home in many truly unbelievable ways. The types of products and services that we can expect to see in the next decade…

Cloud Computing and Social Networks

Cloud Computing and Social Networks

Pushing Innovation With Social Networks There was a time when storage space was a precious commodity. A few videos and photographs and the system would be gasping for breath in old PCs’ limited storage space. 10 Years ago, today’s top social networking sites would have broken down under the burden of the heavily visual traffic…



Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7

Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.


CloudTweaks Media
Phone: 1 (212) 763-0021

Branded Content Programs