Due Diligence

Cloud Industry Forum noted in their 2011 paper, “Cloud Adoption and Trends for 2012,” that when asked to name their biggest concerns around cloud adoption, 62 and 55 percent of respondents, respectively, “… were clear that data security and privacy stood out above all others.”

Those are understandable concerns. After all, when you move to the cloud, you’re entrusting the availability of key applications and the security and privacy of your data (including sensitive information about your customers and partners) to a third party.

What’s not so understandable is why those concerns should be inhibitors for adopting the cloud, since most cloud providers already recognize that, by 2013, security and penetration tests will be a requirement of cloud implementations.

Axway’s infographic, “The Cloud: Impact and Adoption – Predictions for Today and Tomorrow,” cites Gartner’s note that, “By 2016, 40 percent of enterprises will make proof of independent security testing a precondition for using any type of cloud service.” This makes perfect sense, but it begs an important question: Shouldn’t that 40 percent be asking for that proof today?

If your cloud provider isn’t willing to discuss their security analyses and penetration tests, your next action is simple — find a cloud provider who will.

Because while having concerns about any brave new world is understandable, denying your business countless advantages because of a lack of due diligence is not.

(This post was first published at http:blogs.axway.com)