- Cybersecurity concerns have discouraged companies from moving their data and applications from their private servers to public clouds, according to a study by consulting company McKinsey.
- Less than half of companies surveyed have moved more than 10% of their workloads to public cloud services such as Google Cloud and Amazon Web Services, though many more plan to increase their reliance on such services in the next three years.
- Corporate security officers are starting to worry less about the security of public cloud services and more about how their companies can update their own security practices to work with those services, according to the study.
With all the hype around cloud computing services you might think everyone has embraced them.
But that’s not true, and one big concern has kept many companies on the sidelines: security.
Companies have been slow to move from running applications and storing data on their own private servers to doing them on public clouds such as Google Cloud and Amazon Web Services, a new study by McKinsey found. Only 40% of the companies studied had more than 10% of their workloads on public clouds.
Concerns about cybersecurity were holding many companies back, although attitudes are changing, McKinsey, a consulting company, found in the study, which surveyed 90 companies across multiple industries.
“Despite the benefits of public-cloud platforms, persistent concerns about cybersecurity for the public cloud have deterred companies from accelerating the migration of their workloads to the cloud,” McKinsey said in its report. “Executives cited security as one of the top barriers to cloud migration, along with the complexity of managing change and the difficulty of making a compelling business case for cloud adoption.”
Despite the lag, 80% of companies in the study said they plan to move more than 10% of their workloads onto public cloud systems or plan to double their use of cloud services in the next three years.
This prospective embrace of cloud services may be due to companies’ chief information security officers (CISOs) beginning to trust the security provided by large service providers, according to the study.
Instead of asking whether big cloud providers such as AWS and Google are secure, CISOs are now primarily concerned with figuring out how to update their own security practices and hardware to be as secure as possible while using cloud services, McKinsey found.
- Exhibit from “Making a secure transition to the public cloud” January 2017, www.mckinsey.com. Copyright (c) 2017 McKinsey & Company. All rights reserved. Reprinted by permission.