Ovum: Security skills shortage remains most prevalent barrier in cloud

Security skills shortages are hampering IT's ability to adopt cloud services

A security skills shortage is hampering cloud adoption

Security and an IT security skills shortage remain the most prevalent barriers to cloud uptake, according to Ovum principle analyst Andrew Kellett.

Although Ovum’s research suggests the volume of sensitive corporate data stored in the cloud continues to grow, with enterprise cloud adoption rates exceeding 80 per cent, in many cases this data is not adequately protected.

“Security, or lack thereof, is a significant issue. If there is one problem area inhibiting further adoption of cloud-based services, it is enterprise concerns about shortfalls in the protection regimes of many cloud service providers,” Kellet said, adding that since more sensitive data appears to be stored in the cloud the most basic security practices and controls aren’t necessarily enough.

“On too many occasions, security policies only come into place once a new technology has already gone mainstream, and this is certainly true of the cloud industry. Many cloud providers have been guilty of ‘bolting on’ security as an afterthought, something which has left previous generations of technology vulnerable to malware attacks, advanced persistent threats and other breach tactics.”

“Whether they like it or not, organisations are putting their trust in the hands of the service provider, often without being completely satisfied that such trust is justified or that service levels and protection can be maintained,” he concluded.

Other recently published research from Ovum suggests enterprises are quite concerned with how their cloud service providers implement security controls. The company recently surveyed 818 ITDMs for their views on cloud security and found that in the US specifically, respondents seemed most concerned about lack of control over the location of data (82 per cent), increased vulnerability of shared infrastructure (79 per cent), and “privileged user” abuse of the cloud service provider (78 per cent).