Travis Bickham, Content Director, Tradeshift
Back in 2009, worries around personal security cultivated a lack of consumer confidence that was said to be holding back online retailing from reaching its full potential. Fast-forward six years and now many of us receive parcels in the post from the likes of Amazon and ASOS on a weekly basis. And e-commerce events like Black Friday are now pencilled into diaries as the day to grab a quick bargain online.
The evolution of our thinking about the cloud is not much different. Some businesses remain wary of the cloud and continue to manage their data in-house. But in reality, the cloud can help you bolster the security of your financial data while also improving compliance.
Security and the cloud: By the numbers
To give you an idea of the ubiquitous force cloud computing has become, consider these statistics. According to IDC, global Software-as-a-Service revenues are forecasted to reach $106B in 2016, increasing 21% over projected 2015 spending levels. While global spend on cloud infrastructure (public and private) is set to reach $33.4 billion, up from 28.1% in 2014. Those are big leaps.
In light of a number of incidents over the last few years, such as Snowden’s revelations, the Sony leak and iCloud hack, unsurprisingly, there are rising levels of concern over cloud security and privacy. The Cloud Industry Forum found that 70% of execs they polled cited data security as their biggest concern, up 9% since last year. As such, it makes complete sense that Gartner reports spending on security technologies will reach $75.4 billion this year, a 4.7 percent increase over last year, driven by cloud, mobile computing and IoT.
Cloud can help improve data security
With numerous breaches making the headlines, cloud computing is naturally going to scare some companies. But cloud can and does improve data security. Paradoxically, the reason the cloud keeps your financial data more secure is the very reason people mistakenly believe it’s less secure. Cloud-averse businesses typically believe the cloud is more vulnerable to attack because it keeps your data off-site in applications and servers owned by a third party. In reality, off-site data storage is the safest way to go for these reasons:
- Stricter access requirements. Off-site cloud applications require more beefed-up firewalls, security protocols, and access permissions than data stored on-site. On-site security protocols tend to erode over time, while off-site applications have to keep their protocols stringent to meet the expectations of their customers
- Better physical security. The area where your data is physically stored by your cloud provider has security around the clock. On-site, your data is forever at the mercy of your least competent or most negligent employees
- A robust threat-assessment model. Using cloud applications also means developing a threat-assessment model. The model will evaluate vulnerabilities within the application and constantly try to breach them to make them stronger. Few on-site IT teams would go to such lengths
- If you want customers’ business, you have to be the best. Cloud solutions offer the level of data security customers have come to expect. They don’t want to lose business to a competitor because a customer doesn’t trust on-site security measures
Improving compliance with the cloud
Currently, UK businesses also have to ensure they’re compliant with data protection directives set out by government and currently governed by the Information Commissioner’s Office. But with the introduction of the EU General Data Protection Regulation, expected later this year, comes a wave of stricter rules for businesses based and operating in Europe. This includes the hefty increase of being fined up to 2% of an organisation’s annual global turnover for a breach, compared to the current maximum of £500,000.
Admittedly, just like online shopping, cloud-based data storage does present some security challenges. However, as with e-commerce, when you take the proper precautions, those challenges actually become opportunities. Rather than shying away from the cloud in fear of feeling the European Commission’s’ wrath and slapped with a fine, businesses should scrutinise providers so that they’re able to enjoy the flexibility and scalability that cloud brings. Most credible cloud providers have already earned various certifications, such as ISO and SOC , which safeguard data. And this, along with other preventative measures, such as educating staff around data security and having company wide data security protocols in place, means that companies have the right structures in place to comply with strict data protection regulations.
The bottom line is this: Comparing the financial data security of in-house solutions with cloud applications is like comparing a home security system to the Tower of London. By moving your data off-site, the cloud insulates and secures your data rather than exposing it.