Why Cloud? Better Security than Most Companies Can Provide Themselves
The following post is from guest contributor, Sheila McGee-Smith, President & Principal Analyst, McGee-Smith Analytics. You can follow Sheila on Twitter @McGeeSmith.
Worried about the security of your company’s data? You should be. At least 19 financial institutions have disclosed to investors in recent weeks that their computers were targets of malicious cyber attacks in 2012. In annual financial reports to the Securities and Exchange Commission, major banks such as Bank of America, Citi, Wells Fargo and JPMorgan Chase, along with smaller institutions, have reported that their systems were hit with computer disruptions or intrusions.
No surprise then that the US Bureau of Labor Statistics reports that the current unemployment rate for Information Security Analysts is zero and the projected growth rate for this career through 2020 is 22 percent. And security experts are not inexpensive; the 2010 median pay of $75,660 is almost 40 percent higher than the average salary for all college graduates. What the statistics mean is that finding the security experts you need will not only be difficult but increasingly expensive in a seller’s market for security skills.
Regulatory issues are another variable a company must address when it comes to securing corporate data. Regulations come in a variety of forms. There are laws and regulations that apply broadly to most firms, e.g., the Payment Card Industry Data Security Standard (PCI DSS). There are also industry-specific guidelines and requirements; the Health Insurance Portability and Accountability Act (HIPPA) is one well known example. Add to that applicable state-specific or international laws and complying with regulatory requirements alone becomes a full time job.
The Cloud Security Solution
Far from being a reason to dismiss a cloud alternative, the increasing complexity of securing both company and customer data is a great reason to consider shifting applications to the cloud. Data is probably safer with the vast majority of cloud-based application vendors than it is if kept on-premises. Why? Companies that deliver their applications through the cloud are in a better position than any one organization to provide best-in-class security.
Cloud application companies like Five9 undergo many third-party certifications and audits, far beyond what any one company is required to do in a private data center. To coordinate these efforts, many cloud application providers have instituted an executive department for security, headed by a Chief Trust Officer. Salesforce.com’s former chief trust officer Jim Cavalieri outlined the company’s security programs in a recent interview, saying it includes facility security, network security, applications and access security.
“We are part of your security organization,” Cavalieri said. That’s the way any company should feel about their cloud vendor ― that both are working together to both build the appropriate security safeguards as well as deal with any possible security breaches.
As companies think about moving contact center applications to the cloud, there are probably more added security benefits that will be accrued than security issues created. A vendor like Five9 becomes your knowledgeable partner in securing the data of both your company and your customers.