Story image

The perceived risks of cloud depend on where you are standing

13 May 2016

Article by Al Blake, Ovum Principal Analyst

Summary

Adoption of cloud services by government agencies is steadily increasing, albeit at a slower rate than in other sectors. Take-up is often held back by the perceived risks related to security and jurisdiction, but agencies need to look at cloud services based on their specific circumstances rather than adopting a generic approach.

Potential benefits depend on what you have now

As the variety of cloud service offerings has proliferated, there has been an ongoing debate regarding the relative risks when compared to traditional in-house deployments. This has been particularly prevalent in the public sector, where a traditionally risk-averse approach to significant business change has fostered concerns regarding the security of systems that are no longer directly under the agency’s physical control. This reluctance has been exacerbated by the disjunction with legal systems based on unambiguous physical location, which are becoming increasingly irrelevant when considering data that could potentially be stored anywhere in the world.

Early international concern regarding the theoretical ramifications of the US Patriot Act have been bolstered by the stream of revelations exposed by Snowden and others that confirm just how pervasive nation-state digital surveillance activities have become. In such a climate, the response of many large government organisations has been that “going into the cloud is too risky.”

However, such a black or white response loses sight of the fact that there are no zero-risk options. Smaller and less well-resourced organisations can be at considerable risk through their current in-house IT operations, which are often lacking capacity in security, governance, and business resilience. In fact, for smaller organisations it can be more appropriate to state that “staying out of the cloud is too risky.” Identifying the right approach depends on understanding your organisation’s profile and honestly assessing the existing risks embedded in your current operational model.

Appendix

Further reading

  • 2016 Trends to Watch: Government, IT0007-000847 (November 2015)
  • Government Cloud: Where Are We Now? IT0007-000832 (August 2015)

Article by Al Blake, Ovum Principal Analyst

GitHub launches fund to sponsor open source developers
In addition to GitHub Sponsors, GitHub is launching the GitHub Sponsors, GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.
Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
Why AI will be procurement’s greatest ally
"AI can help identify emerging suppliers, technologies and products in specific categories."
Are AI assistants teaching girls to be servants?
Have you ever interacted with a virtual assistant that has a female-based voice or look, and wondered whether there are implicitly harmful gender biases built into its code?
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
Data#3 to exclusively provide MS licences to WA Government
The technology services provider has won two contracts with the Western Australia Government, becoming its sole Microsoft licence provider.
Why cash is no longer king in Australia
Australia is leading the way in APAC for granting credit on B2B transactions.