back to article Study shows SMB cloud security fears largely overstated

Research into small businesses in the US and Asian markets has shown that there's an increasing mismatch between the theory and practice of cloud security. When questioned in a blind test conducted by comScore and funded by Microsoft, a third of SMBs said they didn’t use cloud security because of fears over the cost of …

COMMENTS

This topic is closed for new posts.
  1. Bakunin
    Devil

    Company that sells product ...

    ... funds customer poll that reveals product makes financial sense.

    1. Chris Miller

      Re: Company that sells product ...

      I'm sure you can save some security costs. All you have to do is include the magic word 'secure' in your service agreement, then sack all your technical staff and let the service provider handle things. What could possibly go wrong?

  2. Ben Naylor
    Happy

    Shome mistake Surely....

    that should be ...

    "That's one full BOFH WEEK – once an extended lunch break and important offsite meeting at a local watering hole is taken into account."

  3. Anonymous Coward
    Stop

    The Sales Men will say ANYTHING.

    The MUGS believe anything!

  4. Anonymous Coward
    Anonymous Coward

    Erm...

    what *is* cloud security?

    1. Peter2 Silver badge

      Re: Erm...

      It means the bloke has a good lock on his garage where the servers are running.

    2. Ken Hagan Gold badge

      Re: Erm...

      Dunno, but when I saw "SMB cloud security" I thought about exposing Microsoft's file and printer sharing over the cloud in a secure way and thought "WTF?!".

      Fortunately the article made it clear that the whole thing was just another snake oil pitch.

    3. Anonymous Coward
      Anonymous Coward

      Re: what is cloud security?

      Exactly my thoughts.

      Having re-read the article a few times I'm pretty sure Iain meant to write 'cloud computing' instead of 'cloud security' in some of those instances.

      As it is though this article makes pretty much zero sense.

  5. Rob Dobs

    Spend less $$$ /= more secure

    Just because these companies spend less on security after moving to the cloud in no way imply, prove or show factual data that they are indeed more secure.

    I would propose quite the opposite even. They have relinquished control and actual knowledge of this security completely to an outside organization, and have no way of knowing their security level once this has been done.

    All this study shows is that people who move to the cloud feel comfortable that security is now a problem for someone else to handle, which to me seems a bit myopic and naive. This isn't really news, as they were already a willing customer of moving to the cloud. One would expect that expenditure for other IT costs will also be reduced as well (data storage, etc)

  6. Tom 35 Silver badge
    Holmes

    So...

    "It's an interesting dichotomy between people that have the perceived barriers to cloud adoptions in security and privacy and those that actually have taken the plunge and used the cloud,"

    People looked at cloud. The ones who found they could save money moved, the ones who didn't see an advantage didn't.

    Wow, look the people who moved to cloud saved money!

  7. Anonymous Coward
    Anonymous Coward

    Six of one, half a dozen of the other

    Yes, there are security risks in the "cloud", but no more so than some Microsoft certified administrator leaving a port wide open or giving their users global file server access or some other error. People pretend as though they have iron clad security today because they have firewall. In SMBs, security isn't exactly NSA grade in the first place. The real issue with the cloud should be data governance and the proprietary nature of some clouds which makes it impossible to leave, not some concern over losing security that doesn't exist in the current environment.

    1. Chris Miller

      Re: Six of one, half a dozen of the other

      Sensible organisations (there are many that aren't, of course) will select a level of security appropriate to their needs. For many, this will be substantially below 'NSA grade'. But if you identify a security hole in your own systems (perhaps by using an <ahem> security consultant), you can fix it, if to do so makes business sense. If it's in the cloud you can (unless you're Boeing or GM) do little about it except move to another provider (good luck with that).

  8. Dom 1

    Another point

    Who is responsible if data from "your" cloud [area] get stolen/hacked etc?

    Working for a company which has very sensitive data, I was told by a number of cloud providers (when the company toyed with the idea of moving to the cloud), that if the data was stolen from them, they (the cloud provider) would NOT be responsible legally. So if you do lose sensitive data - it's your fault!

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019