Story image

The perceived risks of cloud depend on where you are standing

13 May 16

Article by Al Blake, Ovum Principal Analyst

Summary

Adoption of cloud services by government agencies is steadily increasing, albeit at a slower rate than in other sectors. Take-up is often held back by the perceived risks related to security and jurisdiction, but agencies need to look at cloud services based on their specific circumstances rather than adopting a generic approach.

Potential benefits depend on what you have now

As the variety of cloud service offerings has proliferated, there has been an ongoing debate regarding the relative risks when compared to traditional in-house deployments. This has been particularly prevalent in the public sector, where a traditionally risk-averse approach to significant business change has fostered concerns regarding the security of systems that are no longer directly under the agency’s physical control. This reluctance has been exacerbated by the disjunction with legal systems based on unambiguous physical location, which are becoming increasingly irrelevant when considering data that could potentially be stored anywhere in the world.

Early international concern regarding the theoretical ramifications of the US Patriot Act have been bolstered by the stream of revelations exposed by Snowden and others that confirm just how pervasive nation-state digital surveillance activities have become. In such a climate, the response of many large government organisations has been that “going into the cloud is too risky.”

However, such a black or white response loses sight of the fact that there are no zero-risk options. Smaller and less well-resourced organisations can be at considerable risk through their current in-house IT operations, which are often lacking capacity in security, governance, and business resilience. In fact, for smaller organisations it can be more appropriate to state that “staying out of the cloud is too risky.” Identifying the right approach depends on understanding your organisation’s profile and honestly assessing the existing risks embedded in your current operational model.

Appendix

Further reading

  • 2016 Trends to Watch: Government, IT0007-000847 (November 2015)
  • Government Cloud: Where Are We Now? IT0007-000832 (August 2015)

Article by Al Blake, Ovum Principal Analyst

MNF Enterprise brings calling to MS Teams
Businesses can now use Microsoft Teams for local and international phone calling from their computer or device.
Survey reveals CX disconnect is risky business
Too much conversation and too little action could lead companies to neglect, lose, and repel their very lifeblood, according to Dimension Data.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Microsoft Azure ExpressRoute launches in Perth
This new ExpressRoute location will offer Perth organisations a direct and private connection to their Microsoft cloud services.
NEC concludes wireless transport SDN proof of concept
"Operation and management of 5G networks are very complicated and require automation and closed-loop control with timely data refinement and quick action."
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.
Top cybersecurity threats of 2019 – Carbon Black
Carbon Black chief cybersecurity officer Tom Kellermann combines his thoughts with those of Carbon Black's threat analysts and security strategists.
Avaya introduces private cloud delivery of its UCaaS solution
Avaya is supposedly taking a flexible hybrid approach to the cloud with these new solutions.