Many business owners are well aware of the cost benefits that come with a move to the cloud. Straight away, it’s clear that a business will be paying lower power costs. Running one’s own hardware can be incredibly expensive. On top of running the hardware a business must also pay to cool the hardware as well. The electricity costs alone are substantial. And then there is the ongoing OpEx investment for people, tooling and processes necessary to maintain IT services.
Then add on the cost of staff designated to the operation and maintenance of this hardware as well as the cost of purchasing additional hardware for redundancy and any business person can clearly see many financial benefits of moving their system to the cloud. Now the question should be asked, “why don’t all businesses see a move to the cloud as a no-brainer?”
Some IT security professionals falsely believe that a costly data breach is more likely to occur on a public server such as the cloud. This couldn’t be farther from the truth. Utilizing a cloud-based system ensures that the client has access to top security technologies and practices. Keeping the system in-house, especially for smaller companies, means a poorly secured system and a staff that does not thoroughly follow established system policies. In the end, cloud computing provides increased security and functionality at a lower price.
Despite these differences, a number of businesses are hesitant to deviate from the status quo. When discussing the transition with management, one may hear a number of excuses such as “Why would anyone target us”, “But we’ve never had a breach”, “We have insurance”, and so on. These cop-out answers are flawed at a fundamental level and should be addressed before coming to a final decision about whether or not to move to the cloud.
The first cop-out answer, “Why would anyone target us”, is a school of thought that seems to have a strong presence in businesses today. Competitors, employees or anyone unhappy with your company could be a possible attacker. All industries are vulnerable as many attackers aren’t after the company but are after the customer data.
The second statement, “We’ve never had a breach”, has more to do with luck than it does with competence. Many businesses aren’t even equipped to recognize when their system has been breached. Security is not a field where management should settle for business as usual. Threats continue to change and evolve and security-conscious organizations must stay informed on the latest technologies available to defend against cybercrime.
Finally, the response of “We have insurance” fails to consider the public relations disaster that a data breach is. Once hard-earned trust has been lost with the consumer, it is very difficult for that company to earn the consumers’ trust back. This form of thinking also assumes that cyber insurance will completely cover the costs associated with a data breach. How familiar is management really when it comes to what the insurance policy does and doesn’t cover?
With the surge of data breaches we’ve seen over the past two years, concerns about security won’t go away anytime soon. For information on how to protect your company and your precious customer data, download How to Save Your Company from a Data Breach white paper.