One of the primary concerns among IT and business decision-makers regarding cloud computing, including Software-as-a-Service (SaaS), is potential security problems. Yet, most enterprises are facing an uphill battle trying to keep their own operations secure.
The latest illustration of this point is Tuesday’s Wall Street Journal story claiming that the FBI is investigating a potential security breach within Citigroup (C) that may have resulted in the theft of millions of dollars by a Russian cyber gang. While Citigroup is denying that its computers were compromised and that there is an investigation underway, the story is a clear reminder that no one is safe from hackers intent on attacking a specific target.
Therefore, cloud computing vendors are no more vulnerable and are not necessarily less secure than enterprises. In fact, if the lack of published stories about security infringements among cloud computing vendors is a good indicator, then these vendors have actually proven to be less susceptible to these attacks. You can bet the business and tech pubs are looking for these stories to demonstrate the risks associated with cloud computing and SaaS. Yet, a tally of stories re: security infractions involving enterprise operations vs. cloud vendors will certainly tilt heavily toward enterprise incidents rather than those in the cloud.
This makes me feel even better about the column I published in Datamation last June encouraging IT and business decision-makers to do their due diligence on the security measures in place within the cloud or SaaS vendors they’re considering. These decision-makers should not let their security concerns get in the way of seriously considering and capitalizing upon the tremendous business benefits associated with cloud and SaaS alternatives.