NSA Revelations Rattle The Cloud Market: What Are You Doing To Calm Customers' Fears?


HINDERING CLOUD ADOPTION, HURTING CLOUD PROVIDERS' REVENUE

Companies have embraced cloud services to reduce costs and boost employee productivity, so pivoting back to maintaining data on servers in the company data center is improbable and unfeasible, said Garry Sidaway, global director of security strategy at MSP WideAngle, an NTT Com Security firm.

"There's been a natural spike of awareness in how data is stored and secured by services and used by employees," Sidaway told CRN. "There's an opportunity here to embed security into these services and increase transparency so people don't cease trust in the brand or the services that are being delivered."

But some organizations are predicting a negative impact on cloud adoption, precipitated by overseas businesses' distrust in U.S. cloud providers caused by the NSA issues. A report issued in August by the Information Technology and Innovation Foundation (ITIF), a public policy think tank, said U.S. cloud computing providers stand to lose a minimum of $21.5 billion over the next three years to European and Asian providers as a result of the NSA Prism program revelations. The ITIF cautioned, however, that its data was thin and that it was still too early to determine what the ultimate repercussions will be.

"If U.S. firms are to maintain their lead in the market, they must be able to compete in the global market," the ITIF said in its report. "It is clear that if the U.S. government continues to impede U.S. cloud computing providers, other nations are more than willing to step in to grow their own industries at the expense of U.S. businesses."

Companies are considering the deployment of private clouds, using virtual machines to create a cloud-based data center behind corporate firewalls, said Andreas Mertz, managing director and principal consultant at Germany-based IT security consultancy and managed security services firm IT-Cube. Another approach is to use co-location services, a remote data center that is walled off from other cloud customers and offers more control over company data, Mertz said.

Completely dismissing U.S. technology companies and security vendors is virtually impossible, but businesses overseas are reconsidering the cloud services they use, Mertz said.

"The discussion about the NSA news has pushed back whole cloud initiatives in Germany for at least two years," he said. "They're still using social media like Facebook but everybody is really concerned about security issues and, in terms of the business and intellectual property, a lot of companies stepped back from each cloud initiative they were working on and are undertaking feasibility studies to go to a private cloud."

NEXT: 'There's Encryption, And Then There's Encryption'