New Research from security firm Symantec, the makers of Norton, has found that there are hidden costs for businesses using cloud, especially with regard to ‘rogue clouds’, by which they mean public cloud services. The survey, which resulted in the report Avoiding the Hidden Costs of Cloud, found that three quarters of all organisations worldwide have had some issue when using rogue cloud. These were often problematic as they caused the loss of confidential information, which resulted in spiralling costs.
The Symantec study asked 3236 organisation’s IT professionals in 30 countries about the loss of sensitive data. They defined a rogue cloud as one which has been implemented by employees without the knowledge, or permission, of the IT department.
These include free services, such as Dropbox and Spider Oak, which are not an official part of a company’s IT infrastructure. Around 75% of companies found that rogue cloud solutions were being used, but only 20% of IT professionals within the company knew it was being used.
"Perhaps the sales manager signs his department up for Salesforce without thinking to consult IT. Or perhaps marketing shares important launch materials with outside vendors via an unauthorised Dropbox account,” the report stated.
"In either case, the organisation has put sensitive information into the cloud without organisational oversight...to save time and money: going through IT would make the process more difficult.”
Of course, this is an easy problem to overcome with the right policies being put in place and training employees on the issue of how company data is accessed. It also gives companies a very good reason to introduce hosted desktop solutions, so that employees can access their work without having to worry about security implications.
Symantec were quick to point out that their findings don’t mean that cloud itself is inherently insecure, just that business models have to be implemented if they are to ensure that employees can safely access information away from the office.
68% of those asked said that they had suffered some form of recovery failure in the cloud and more than one fifth said that getting over such a disaster took more than three days. This is unacceptable to the majority of businesses, who can lose a substantial amount of revenue in that time, especially those which are web-based.
The report also found that 94% of enterprises are now using, or considering the use of cloud, a figure which is still constantly climbing. Whilst there has, in the past, been concerns over security and compliance in the cloud, these have been somewhat allayed over the course of the past 12 months.
However, the report flags up the important of choosing a cloud model which is suitable for business. Public cloud can of course be secure, but free solutions are rarely a good business model to rely on.
In this case, the use of rogue cloud was generally found amongst smaller businesses and it was found that the bigger the company, the less likely it was to use such services. Almost half of those asked reported various problems such as the loss of data, web defacement and even stolen goods and services.
Bearing this in mind, it’s important for even SMBs to realise that professional cloud solutions are their safest, and most flexible, option.
The report also found other areas in which costs could be hidden, including backing up and storage problems. A large proportion of those asked said that they use three different ways to back up in order to keep data safe, but many had found cloud unreliable and slow to recover data from.
This makes it clear that using a private cloud solution, which has its own servers and is transparent about their location and disaster recovery, is the best route to go down. However, this doesn’t yet represent a real problem as only 17% of those surveyed actually use the cloud for storage at this time.
“Most organisations are pursuing cloud, and rightly so: Adopting cloud provides clear benefits. The Symantec 2013 Avoiding the Hidden Costs of the Cloud survey shows that as organisations (sic) proceed, they need to pay attention to hidden costs of cloud from day one, or else face costly consequences,” the report points out.
“Happily, there are simple steps IT can take to avoid these hidden costs,” it concluded.