Around 50 Australian and New Zealand IT executives have indicated in the latest SafeNet Cloud Security Survey that they are not using cloud services but this number could be less because some companies are bypassing the IT department to buy services online, according to SafeNet CTO Russ Dietz.
The survey, which was conducted in July 2012 with 122 A/NZ IT executive respondents, found that 40 per cent of those surveyed were not using cloud while 41 per cent indicated they were using software as a service (SaaS) applications such as SharePoint.
Speaking to CSO Magazine during the AISA National Conference 2012, Dietz said the percentage of IT executives indicating they did not use cloud services was very similar to global trends.
“Most IT folks think they’re not using any cloud services but when you look outside the IT department and specifically at what services the company is using, they are using cloud,” he said.
According to Dietz, the number of firms who don’t use cloud services is “probably closer to 20 per cent.”
“It’s interesting how IT people are still trying to figure out the cloud terminology. When a lot of folks think of cloud, they think of infrastructure as a service [IaaS] like Amazon or they may think of Salesforce.com,” he said.
“They won’t think of other services they are running in the organisation."
According to Dietz, this was indicated by question eight of the survey which asked about the software as a service (SaaS) products people are using in their business.
Only 28 per cent of respondents indicated they were not using any SaaS services including customer relationship management (CRM) solutions, Google Apps, Office 365, content and collaboration, desktop as a service, Gmail for business or enterprise resource planning (ERP).
“There is obviously a disconnect going on because these are considered to be services that are orientated towards cloud,” he said.
Private and public cloud
The survey also found that 62 per cent of the respondents would prefer to have a mixture of public and private cloud solutions, depending on the cloud service, while 26 per cent would set up their own private cloud.
The remaining 12 per cent said they would make use of or leverage the public cloud.
“The large majority of the folks in this region are saying that a mix of public and private cloud is how it is going to be for them,” Dietz said. “That’s great because now everybody feels strategically globally that this is the case and to see the mix of companies start to affirm that is perfect.”
Dietz said that events such as the AISA national conference were important for information security professionals as they looked to deal with governance and control.
“Most folks in the security world see governance and compliance as a problem space because it detracts from what they consider to be real security.”
According to Dietz, governance is an important way of managing and working with assets or information when these are being used in the business.
“To have an event that is focused on the real security issues helps people see how there is relevance in both and that gets people in a better place in a good way,” he said.