Page 1 of 2
Microsoft has rolled out a new Cloud Security Readiness Tool, which is designed to help companies with up to 500 employees assess the potential impact of adopting cloud-based security services.
Security has long been one of the biggest obstacles to cloud adoption, according to a wide variety of studies, and the new Microsoft initiative is aimed at helping companies navigate the complex issues surrounding the decision of whether to go towards the cloud or remain on-prem.
"When we talk to the companies who have not adopted cloud, 44 percent raised security concerns," said Jeff Jones, director of Microsoft's Trusted Computing Group. "We then asked what would help them to overcome those concerns, and they called for better use of industry-standards, plus they were looking for a high level of transparency, so they could better understand what they were getting."
Jones added that the fundamental drivers towards the cloud focused on cost savings plus the convenience associated with outsourcing their security needs to a cloud provider. More than half of them expressed the opinion that they were getting improved security because the provider was dealing with patches and all the things necessary to keep their security posture up to date. This, he said, gave the customer more time and money to focus on their respective core businesses.
"So we are approaching this from the perspective of two high-level questions," he said. "They need to understand where they are today with respect to security and compliance. Second, if they adopt cloud security offerings, will I be better off?"
Through participation with groups such as the Cloud Security Alliance, Microsoft carved out a series of recommended standards and strategies. These best practices were coalesced into a tool comprised of 27 questions designed to assess the given organization's specific circumstances leading to recommendations pertaining either to the cloud or to how they can improve their existing security policies, technologies and procedures.
The Cloud Security Readiness Tool is available over the Internet free of charge," explained Jones. "It is designed to assist organizations and consultants, to determine where they are today with IT security and how they can improve."