Are Cloud Computing Service Providers Shirking Responsibility On Security?

Are Cloud Computing Service Providers Shirking Responsibility On Security?

Former American President Harry S. Truman famously had a sign on his desk at the Oval Office with the phrase, “The Buck Stops Here!” It signified that it was the President who had to make the hard decisions and bear responsibility for them; he could not pass it on to someone else, being at the head of command. Unfortunately, it seems that cloud computing service providers believe in a completely different ideology.

For them, it’s passing the buck that has become an established norm, especially regarding security. While the recent outage at Amazon has seriously undermined cloud computing’s claims of reliability (See: Lessons from the Amazon Cloud Outage) and a Greenpeace report questioning the technology’s environment-friendliness (See: Environmental Challenges to Cloud Computing), several of cloud computing’s perceived advantages (See: Which Cloud Computing Quality Works For You? ) are under serious threat.

Now, a new report that says that most cloud computing providers don’t see securing customer data as their primary responsibility but seek to “pass the buck” to customers themselves may end up vilifying cloud computing further. Especially since in almost every survey conducted to measure the adoption of cloud computing, security has always been the prime concern holding back wider acceptance (See: UK Lags Behind Other European Nations in Adoption of Cloud Computing).

According to the Ponemon Institute’s “Security of Cloud Computing Providers Study” commissioned by enterprise software vendor CA, most cloud computing service providers paid more importance to cost reductions and rapid deployments than to security. The survey was conducted amongst 127 providers, 103 from the US and the rest from Europe. 65% of the respondents were public cloud providers, while the rest worked on private and hybrid clouds (See: Having The Best Of Both Worlds With Hybrid Clouds and Which is the Safer Cloud – Public or Private? ).

According to the survey responses from managers, director and technical staff for the service providers, more than 50% “do not consider cloud computing security as one of their most important responsibilities and do not believe their products or services substantially protect and secure confidential or sensitive information.” Private cloud providers were found to be more sensitive to security concerns than their hybrid cloud counterparts.

What’s more alarming is their nonchalance on the matter, in spite of awareness of their deficiencies. Over 60% of the respondents expressed lack of confidence in the security of their own services.  In fact, 91% said they don’t provide security-as-a-service from the cloud today, but about one third are considering doing that in the next two years.

If the risk of breach outweighs potential cost savings and agility, we may reach a point of cloud stall, where cloud adoption slows or stops, until organizations believe cloud security is as good as or better than enterprise security,” warned Mike Denning, CA Technologies general manager for security. Matthew Gardiner, CA Technologies director of security, struck a conciliatory note, saying that providers were merely responding to greater demand for cost reduction as compared to security. However, many other surveys offer a contrary opinion.

One of these is the one conducted by the same people who did this survey. According to that survey conducted among cloud computing users as compared to the current one where service providers were the respondents, there is considerable difference of opinion between these two stakeholders. Nearly 70% of users said vendors were most responsible for ensuring the security of cloud resources, whereas only 32% of the current respondents held themselves accountable. The authors of the study recognize this discrepancy and state that “different perceptions about who is responsible for securing the cloud means organizations may be over relying on their cloud vendors to ensure safe cloud computing.”

While there is no denying the cost reductions cloud computing can bring (See: How Cloud Computing Can Save You Money), I believe that service providers are being extremely short-sighted by discounting the importance of security. Even if clients do not explicitly stress on security, something many surveys contradict, the providers should consider the long-term implications of this approach. For example, security breaches can end up costing more money than can be saved in the short term.

Therefore, service providers should not neglect the security aspects of their services. We live in a world under constant threat of cyber-terrorism; it’s in everybody’s interest to take active steps to combat it.

By Sourya Biswas

sourya

Sourya Biswas is a former risk analyst who has worked with several financial organizations of international repute, besides being a freelance journalist with several articles published online. After 6 years of work, he has decided to pursue further studies at the University of Notre Dame, where he has completed his MBA. He holds a Bachelors in Engineering from the Indian Institute of Information Technology. He is also a member of high-IQ organizations Mensa and Triple Nine Society and has been a prolific writer to CloudTweaks over the years... http://www.cloudtweaks.com/author/sourya/

One Response to Are Cloud Computing Service Providers Shirking Responsibility On Security?

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

What is the 12/12 Program?

This program is designed to better handle the thousands of requests we receive from people looking to submit articles. The 12/12 program is the commitment of 12 articles delivered over a 12-month period.  

Wait! What if I just want to submit one article?

Our popular pay as you go sponsorship program provides the flexibility to submit as you wish and is designed for all budgets.

Contributors

Ten Tips For Successful Business Intelligence Implementation

Ten Tips For Successful Business Intelligence Implementation

Ten Tips for Successful Business Intelligence Implementation The cost of Business Intelligence (BI) software goes far beyond the purchase price. Time spent researching, implementing, and maintaining your BI investment can snowball quickly and mistakes are often expensive. Your time is valuable – save it by learning from other businesses’ experiences. We’ve compiled the top ten

Knots And Cloud Service Providers

Knots And Cloud Service Providers

How Do These Two Compare? In Boy Scouts, I learned how to tie knots. The quickest knot you can tie is the slipknot. It’s very effective for connecting one thing to another via the rope you have. It was used in setting up tents, mooring boats to docks temporarily and lifting your food up into

What Ever Happened To Google Glass?

What Ever Happened To Google Glass?

What Ever Happened to Google Glass? It was supposed to be the next big thing in tech so where did it go? Last year you could not go anywhere without hearing about some insane new use for the product and now it seems to have vanished in a plume of smoke. A Lackluster Rollout Back

Posted on by

Big Data

To Have and Have Not: Big Data Initiatives In Developing Countries

To Have and Have Not: Big Data Initiatives In Developing Countries

Big Data Initiatives In Developing Countries The poor of the developing countries are becoming increasingly connected, to the point where they too are part of the Big Data revolution that’s happening across the globe. It didn’t come with laptops, though, as some supposed it would. Whereas it costs a fortune to connect broadband to a

Big Data In Your Garden: Initiatives For Better Understanding Nature

Big Data In Your Garden: Initiatives For Better Understanding Nature

Big Data in Your Garden Big Data and IoT initiatives are springing up all across the globe, making cities, protesters–and just about everything else–smarter. However, thus far there’s been little attention paid to the interactions between these bizarre technologies and living things other than humans. Biology, that is, human biology is one field where Big

Who Holds the Key to the City: Big Data and City Management

Who Holds the Key to the City: Big Data and City Management

Big Data and City Management Cities like New York, Madrid, and especially Rio de Janeiro are augmented with Big Data-powered initiatives that range from combating crime with predictive analytics (New York & Madrid) to providing real-time data for improved management. Although Big Data is no panacea and is mainly used in conjunction with a greater

Internet of Things

Where’s the Capital of the Internet of Things?

Where’s the Capital of the Internet of Things?

Where’s the Capital? We all know the capitals of fashion are London, New York and Paris, while the capital of film is Hollywood (or Bollywood!) – but what’s the new capital of the internet? Specifically, the internet of things? The answer – according to new research by Ozy – might surprise you. It’s not Tokyo, Seoul,

Smart Cities – How Big Data Is Changing The Power Grid

Smart Cities – How Big Data Is Changing The Power Grid

Smart Cities And Big Data As Anthony Townsend argues in his SMART CITIES, even though the communications industry has changed beyond recognition since its inception, the way we consume power has remained stubbornly anachronistic. The rules of physics are, of course, partially to blame, for making grid networks harder to decentralize, as opposed to communication

Aggregated News

Popular News Sources

Microsoft to enter the STRUGGLE of the Human Wrist

Microsoft to enter the STRUGGLE of the Human Wrist

It’s not just a thumb war, it’s total digit war The battle for the future of the human wrist entered a new phase on Monday after it was claimed that tech goliath Microsoft is planning to release its own wearable computer in the coming weeks.…Read the source article at The Register About Latest Posts souryaSourya

Standards Organization ISO Takes on Cloud Computing Standards

Standards Organization ISO Takes on Cloud Computing Standards

Given the quality differences in different cloud services and issues of compatibility, ISO, the world’s best known standards body has issued two standards related to cloud computing…. Read the source article at Web Host Industry Review About Latest Posts souryaSourya Biswas is a former risk analyst who has worked with several financial organizations of international

IBM Paying $1.5 Billion to Shed Its Chip Division

IBM Paying $1.5 Billion to Shed Its Chip Division

IBM will pay $1.5 billion to Globalfoundries in order to shed its costly chip division. IBM will make payments to the chipmaker over three years, but it took a $4.7 billion charge for the third quarter when it reported earnings Monday. Read the source article at Mashable About Latest Posts souryaSourya Biswas is a former risk