Information security and data encryption will play a key role in the adoption of cloud computing, as data no longer rests solely within the enterprise.
This is according to Floris van den Dool, senior executive and information security lead for Europe, Africa and Latin America at Accenture.
“Not knowing where a company's data resides is a security risk, and increasingly, organisations are looking at encryption as a means to counter and mitigate the risks and put control into the hands of the data owner,” Van den Dool points out.
“We see cloud service providers beginning to offer [encryption] as an option and it will become crucial as part of an organisation's cloud computing strategy.”
According to Van den Dool, the focus on data is a big trend because of the disappearing perimeter in the IT environment due to staff members bringing in their own consumer devices and USB sticks and taking sensitive information out of the company's control.
However, he notes that data needs to be protected, regardless of where it is. “Data also requires classification because a company needs to define what the critical data is and how to protect it, and there needs to be security controls behind it.”
Accenture's latest cloud security report indicates that legal and regulatory barriers, real or perceived, have significantly slowed enterprise cloud adoption.
It adds that cloud providers must share the risk and data owners must bear the legal consequences if data falls into the wrong hands.
The firm advises organisations to secure necessary contractual terms with their cloud providers, understand privacy laws, involve the right people, prohibit ad hoc cloud computing and always have a backup plan.

