With enterprises opening their IT set-ups to cloud deployments, security has become a major concern. Cloud adoption is set to see a boom over the next five years in India. US companies like Google have been at the forefront of getting enterprises to switch to cloud services. Recently, the Indian Youth Congress, Indiamart and Punj Lloyd switched to Google’s cloud services.
Indian enterprises, companies and banking firms understand the benefits of cloud computing. Kartik Shahani, country manager (India & Saarc), RSA says, “Given the expenditure involved in maintaining physical IT infrastructure, the thought of replacing server rooms and haphazardly-configured appliances with cloud services is simply too much for companies to resist. You need not have expertise or control over the infrastructure when it’s being offered as a service over the internet. You just put everything in the so-called cloud and forget about it.”
However, a cloud security survey by Trend Micro underscores why most enterprises in India hesitate to deploy cloud services. About 55 per cent enterprise IT decision-makers in India reported a security lapse or a concern about their cloud provider in the last 12 months. “We see about five times more cloud applications coming online in the next few years. Given many cloud service providers do not adequately add IT resources to security, the reality is securing your cloud environment is not an option, it’s a necessity,” says Amit Nath, country manager (India), Trend Micro.
According to the survey, the top barriers to cloud computing adoption in India are billing and tracking of services used, lack of access to data, availability of cloud services and the lack of transparency.
“Your data may be in the cloud, but you still need to take tangible cloud computing security measures,” says Jonathan Smith, professor of computer and information science at the University of Pennsylvania. “Policy controls on outsourcing data storage are a particularly thorny issue for anyone dealing with health or education information,” he says, adding, “Legislation like the Health Insurance Portability and Accountability Act and the Family Educational Rights and Privacy Act, make some data subject to federal regulation.”
Meanwhile, cloud security tools are beginning to make an appearance for Indian customers. Ann Johnson, vice-president (Global IPV & Global Accounts), RSA, says the lack of trust in cloud computing was the biggest deterrent for cloud service adoption. So, the managed security service provider developed RSA Cloud Trust Authority, a cloud security solution that makes it easy to configure and deploy cloud-based security services. “Our system is designed to eliminate the need for multiple point-to-point integrations involving a custom code, with both organisations and service providers. The RSA Cloud Trust Authority enables organisations to adopt cloud computing and gives cloud service providers the opportunity to deliver classes of applications that were previously off-limits, due to security or compliance concerns,” she says.
Trend Micro has developed a multi-layered protection for virtual environments, Deep Security, which prevents data theft, business disruptions, and compliance violations with comprehensive server security for today’s virtualised datacenter. “Trend Micro secures enterprises, no matter where they are in the cloud journey. Our integrated suite of security solutions provides higher efficiency in cloud and virtualised environments, and our policy-based encryption key management service keeps data secure, regardless of where it’s stored—from physical servers to virtual environments to public clouds,” says Trend Micro’s Nath.