Through a great deal of research on enterprise cloud adoption and security, I’ve learned something telling. As you would expect, CISOs’ opinions about cloud strategy are quite varied. While many folks recognize their company’s use of SaaS for HR, sales, communication, and other applications, they are fairly divided about the use of Infrastructure as a Service (IaaS) and how secure these environments are in keeping company data safeguarded. After many talks with these technology leaders, I’ve determined that each fall into three distinct categories.
The first group is the server huggers and they make up a very small percentage of the respondents. They simply have no reason to leverage IaaS. Their applications are very resource intensive and expensive, and their businesses are highly predictable, so the need for scalable capacity just doesn’t exist. However, the time may come where they have company needs to bring the cloud into the mix. If so, they should be well informed on how to take advantage of cloud services and realize the ways to protect data during and after that migration.