Executives see security of cloud data as more important than ease of use

’Nimble’ businesses report much better cloud data security than transformational laggards

Cloud data security has been recognised as the most important focus area to improve business competitiveness in a recent survey of executives that also ranked internal user experience second.

Conducted amongst 175 American and European executives, the Unisys/IDG research found that 29 percent of respondents named the security of cloud data as the key priority – and a further 22 percent named it second – out of six key areas of prioritisation including customer experience; infrastructure performance and availability; timeliness in creating development and production environments; cloud and data centre management to better utilise all assets; and internal user experience.

Some 54 percent of respondents said their greatest business challenge lay in managing security threats and risks, and the compliance issues that they present.

“Respondents who indicate that their organizations have an excellent or very good ability to integrate and automate workloads across multiple cloud platforms also assign their organizations a higher average flexibility rating,” the survey's authors noted, with 15 percent of respondents falling into this category and therefore being classified as 'nimble'.

The results highlighted the value of a nimble mode of execution in improving business outcomes, with 59 percent of such respondents – those that said their organisations were 'nimble' – saying their nimbleness had helped improve data security and 56 percent of this group saying they had improved the speed of business decision making.

The results confirm that security is still seen as the biggest obstacle to adoption of cloud solutions, which show increasing potential in transforming businesses to a predominantly digital mode of operation – a goal that was recognised as essential by 72 percent of the respondents.

Despite broad enthusiasm about the model and its potential, concerns about the security of cloud solutions have kept many organisations from adopting cloud-based tools: it was only in June this year that one cloud-security report found, for the first time, that more than half of CISOs believed cloud apps were as secure or more secure than on-premises apps. Unsurprisingly, this was a similar result to the 45 percent of the Unisys survey respondents' applications that were still being installed on premises.

Cloud-based applications have had their share of security issues: recently, for example, a series of hacks against point-of-sale systems hit the operator of a cloud-based service that had around 38,000 business clients. Cloud-storage giant Dropbox recently force-reset 68 million passwords after a major password compromise, reflecting the kind of compromises that drove a recent cloud-authentication partnership between Okta and Google.

Future cloud protection strategies are expected to leverage increasingly responsive technologies as well as artificial intelligence (AI) capabilities. Boosting visibility is a key goal – particularly in the wake of other recent studies such as a Bitglass/Cloud Security Alliance study that found less than 1 in 3 businesses was keeping audit logs of cloud activity and only 28 percent had visibility of user logins that would give them insight into cloud-related 'shadow IT' activity.

For now, however, the Unisys survey suggests that executives' concerns are still focused as much on the security of their businesses as they are on the security of the cloud services they want to adopt. This reflects a recent Gartner prediction that 20 percent of organisations will develop data-security governance programs by 2018 in response to the need to prevent breaches from public cloud services.

“Data security is at the forefront of today's IT agenda because it's become a given,” the Unisys report notes. “If a company loses a customer's private data, it may not only lose that customer but also face harsh penalties. This is why data security needs to be proactive, whether the data resides on premises or in the cloud – or a combination of the two.”