Software as a Service (SaaS) provides businesses with flexible, easy and convenient access to business applications and data. But how safe are such cloud-based solutions?
Promising growth and innovation, IT security shows its most appealing side in cloud computing. Frequently, however, a less appealing, anxiety-inducing side gets a lot attention. Security concerns prevent almost every other user from putting applications in the cloud. On the other hand, two-thirds of users opt for cloud solutions precisely because of their “enhanced security”. As many as 98 per cent of users indicate that their expectations of cloud security have beensatisfied or exceeded. In times of NSA affairs and economic espionage, those numbers are quite remarkable.
According to the “2013 BMP Report”, 78 per cent of companies still prefer to have their data stored locally while only shifting business processes to the cloud. However, neither cloud solutions nor local IT infrastructures with independent data centres and server farms are completely secure from external hacker attacks, not even from internal data theft. When it comes to data protection, European cloud providers still have an edge over their U.S. counterparts. But given its underlying idea and current market mechanisms, cloud computing is not suitable for national “go-it-alone” solutions. Local solutions provide no serious alternative to globalservice providers. More important are contracts that are drawn up under European and German law and certifications that meet current standards, such as ISO 27001.
With continuous monitoring and updating of relevant security measures, professional cloud providers can offer security service around the clock, which mid-size companies in particular may not be able to afford. By utilising various cloud solutions, both safety and efficiency of IT infrastructures can be used to their full potential. While cloud computing also provides customers with options to customise solutions, too many companies simply turn over responsibility for security and implementation to their respective provider. However, responsibility for security is not a cut-and-dried process that can be handed off from one party to the next; rather, it calls for an ongoing exchange of advice and communication between suppliers and clients.
The upshot is that cloud-based solutions can enhance security of applications and data. But selecting the right provider is important. To that end, German and European law as well as various certifications are relevant factors to consider. And above all, you must feel that you can trust your provider!