A recent study of Ponemon Institute reveals that cloud computing vendors and customers are not paying much importance to security issues.
According to “Security of Cloud Computing Providers” study, security is a low priority for cloud service providers and their customers. From the survey respondents, 73 percent of U.S. service providers and 75 percent of European providers, said that their cloud services does not protect and secure confidential information. Cloud providers were also not sure if their solutions meet customer’s security requirements.
Security is also a low priority for customers who purchased a cloud solution. Their primary reason for purchasing was cost reduction (91 percent), ease of deployment (79 percent) and improved customer service (37 percent).
Most cloud computing providers does not consider security as their most important priority. Less than 10 percent are allocated to security. Some vendors revealed that their systems and applications are not always evaluated for security threats, while some others do not have dedicated security personnel to check the security of their cloud applications, infrastructure or platforms.
Cloud computing vendors and users are not on the same page when it comes to security. Most providers think that it is not their job. Ponemon compared the results of the current study with last year’s similar study. It has revealed that, “neither the company that provides the services nor the company that uses cloud computing seem willing to assume responsibility for security in the cloud. In addition, cloud computing users admit they are not vigilant in conducting audits or assessments of cloud computing providers before deployment.”
Most local, federal and state government are already moving or have already moved into the cloud. Most local, federal and state government are already moving or have already moved into the cloud. GNC reported that the Distributed Management Task Force could help government IT with cloud security, and they working on developing specifications to help organizations audit their cloud systems.