Microsoft: Cloud adoption bolsters security for SMBs

“There’s a big gap between perception and reality when it comes to the cloud,” said Adrienne Hall, general manager for trustworthy computing at Microsoft, in a statement announcing the survey. “SMBs that have adopted cloud services found security, privacy and reliability advantages to an extent they didn’t expect.”

She added, “The real silver lining in cloud computing is that it enables companies not only to invest more time and money into growing their business, but to better secure their data and to do so with greater degrees of service reliability as well.”

The Microsoft study, which did not qualify participants by product, service or vendor, asked SMBs that have not adopted the cloud what was holding them back and found that, predictably, 60% cited concerns around data security. A little less than half (45%) worried that using the cloud would result in a lack of control over their data, while 42% said that they doubted the reliability of the cloud.

The reality for the survey respondents seemed very different. SMBs rarely have dedicated IT resources, so the study found that not having to worry about ongoing maintenance and system installations translates into real-world benefits for SMBs that use cloud services: a vast majority (94%) said that they have gained security benefits that they did not have with their former on-premises technolog, such as up-to-date systems, up-to-date anti-virus and spam email management. Also, 62% claim increased levels of privacy protection, and 75% said that they have experienced improved service availability.

The benefits of adopting an on-demand approach to applications and computing also extend to the resource allocation issues that almost all SMBs face: 70% of SMBs in the study said that adopting a cloud service meant they could invest money and time savings into areas such as product development and innovation, demand creation and expansion into new markets. Half of the SMBs polled said that they have pursued new opportunities because of the time they saved managing security.

“In the financial services industry, security and compliance are a critical table stake. Microsoft Office 365 gives us peace of mind that these things are being handled, and handled well. So much so that we’ve been able to reposition resources to reinvest in our business,” said Matt McCombs, president and COO at DHCU Community Credit Union, a nonprofit financial cooperative. “Quite simply, the move to the cloud saved us money and freed up time to help us focus on what matters most – serving our members.”

In conjunction with the study, Microsoft has released an updated version of the Cloud Security Readiness Tool (CSRT). Based on the Cloud Security Alliance’s Cloud Controls Matrix, the CSRT is a no-cost tool for assessing the current state of the security of an IT environment, comparing it to what one could expect if a cloud service was used instead. The updated release extends the range of industry standards covered by the tool to include European Network and Information Security Agency Information Assurance Framework (ENISA IAF) and British Standards Institution (BSI).

“Organizations are keen to understand how cloud adoption would compare with their existing on-premises policies, procedures and compliance, and that can be a complex task,” said John Howie, chief operating officer, Cloud Security Alliance. “In the Cloud Security Alliance, industry leaders have collaborated to develop best practice security guidance. Microsoft’s Cloud Security Readiness Tool builds on these efforts as it gives organizations a way to more easily evaluate cloud services against critical areas, as well as against compliance with key industry standards like ENISA IAF and BSI.”

What’s Hot on Infosecurity Magazine?