Trust and security in the cloud

By Andrew Buss & Dale Vile

KEY FINDINGS

Many companies could do much better when it comes to in-house security

Many companies implement security reasonably well, but there is a widespread gap in the tools and
policies they have in place with the result being that their security capability is some way off where
they would like it to be. Additionally, there is a significant risk of data loss through end user devices
and services, which is amplified by a general lack of attention to security by the workforce.

SaaS adoption is limited currently, but there is increasing interest from the business

SaaS is not yet part of the mainstream, but interest is increasing. While it might be expected that
demand is driven by individuals or departments, the biggest driver in fact is felt to come from
business leaders as well as senior IT management. This demand means that IT departments will
increasingly be under pressure to consider and deploy SaaS as part of the service delivery portfolio.

The biggest impediment to SaaS adoption is a perception of security issues

There is a widespread belief that SaaS represents a considerable step backwards in security and
privacy in comparison to on-premise capabilities, and that this is a sufficient reason not to adopt
SaaS. Additionally, SaaS providers are seen by the respondents as broadly similar when it comes
to security and privacy regardless of their actual capabilities.

Companies with experience of SaaS are positive about provider security

There is an understandable attitude amongst those companies that have limited or no experience of
SaaS that what is new or unknown represents a risk. However, when it comes to companies that
use SaaS extensively, most view provider security as either equal to, or better than, their onpremise
capabilities. This changes the outlook completely, with security moving from being a
blocker of SaaS to being a potential driver of adoption.

SaaS is likely to help with shortcomings of on-premise security capabilities

Given the security gap that exists for many companies, which is especially marked for departmental
and collaboration applications, SaaS can help to raise the overall level of security. But it needs to be
evaluated impartially using the same criteria as on-premise solutions since providers differ with
regard to capability, culture, service and cost.

Content Contributors: Dale Vile & Andrew Buss

Click here for more posts from this author

Through our research and insights, we help bridge the gap between technology buyers and sellers.