Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:30 AM
Dave Kearns
Dave Kearns
Connect Directly
E-Mail vvv

Cloud Services Adoption: Rates, Reasons & Security Fears

Concern over data breaches and privacy are two reasons enterprises in the European Union didn't increase their use of cloud services in 2014, according to the EU's recent Eurostat report.

"Heaven's not beyond the clouds, it's just beyond the fear." – Garth Brooks

A lot of Europeans believe that the European Union is really an employment scheme for bureaucrats who want to live in Brussels -- which is, admittedly, a nice place to live. But for those of us in the analyst business, the EU is one of our best sources of the data we need to advise people on their technology needs.

I firmly believe that cloud services are no longer optional. Any business, large or small, needs cloud services to both remain competitive as well as to get better control over its bottom line. So I eagerly looked forward to the release last month of the EU’s Eurostat report on “Cloud computing - statistics on the use by enterprises,” which was broken out by country.

It wasn’t really a surprise that Finland led the way, nor that Hungary, Bulgaria, Greece, Poland, Latvia, and Romania were the trailers among the 28 member states. What was surprising, though, was the low percentages of adoption. Finland, the leader, barely passed 50% when counting those enterprises that used at least some cloud services. Those listed above as “trailers” were all under 10%. And the seemingly “advanced” countries of France, Austria, and Germany barely reached above the trailers, coming in at 11 to 12%.

When broken out by sector, information and communication were, not surprisingly, the leaders at 45%, followed by professional, scientific, and technical activities at 27%. Enterprises reported that they relied on the cloud mainly for their email services (66%) and, in second place, for file storage (53%).

Those organizations already using cloud services viewed the fear of security breaches as the main reason they hadn’t increased their use. In light of the spectacular breaches (such as Sony's) revealed recently, that’s not an unwarranted fear. Well, until you realize that it was datacenter -- and not cloud -- resources that were stolen in the Sony incident.

Another fear is the proliferation of data privacy issues among the various member countries of the EU. That, and the various spying revelations that have come from the Snowden incident, have made a number of enterprises wary of putting personal and privileged information into the cloud. It was hoped that a new EU Data Protection Regulation would clear up the privacy issues when it was promulgated this year, but there are now fears that serious differences remaining between the European Parliament and the 28 member states will push the regulation into 2016, further clouding (pun intended) the issue for commercial organizations.

But by far the biggest surprise, to me, in the Eurostat survey was the reason given by those enterprises that have yet to use any cloud services as to why that is so; for the 81% of European enterprises not using the cloud, the main stumbling block was insufficient knowledge of cloud computing! In fact, though, while there are many good reasons for adopting cloud services, there is little guidance for planning it. The first step is for companies to take a strategic approach to cloud migration rather than a tactical response to business unit demands.

Once the strategy is in place, a clear definition of the business objectives of cloud-based services can be developed, the attendant risks can be quantified, the necessary policies for operating in the cloud can be documented, and board-level direction of cloud adoption can occur. Then the pitfalls can be avoided.

You need to know that with cloud services, as with most things in your corporate life, ignorance can be fatal.

Dave Kearns is a senior analyst for Kuppinger-Cole, Europe's leading analyst company for identity-focused information security and networking. His columns and books have provided a thorough grounding in the basic philosophies of directory technology, networking, and identity ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Moderator
1/13/2015 | 1:09:18 PM
Re: Decision to use cloud is often bottom up, not top down
Was there any indication if the  EU is using things like DaaS or VDI? Would be interesting to see how it compares to what's going on here in the U.S. 

Karen J. Bannan, commenting on behalf of IDG and VMware.
Charlie Babcock
Charlie Babcock,
User Rank: Ninja
1/12/2015 | 3:50:09 PM
Decision to use cloud is often bottom up, not top down
Sound advice from Dave Kearns: "The first step is for companies to take a strategic approach to cloud migration rather than a tactical response to business unit demands." And that's precisely why enterprise cloud usage is lagging in France, Austria and Germany at 11-12%. Amazon got off the ground, not when enterprises made a strategic decision to use it, but when developers decided it was a faster way to move forward and marketing decided not to wait for IT to buy more servers. Linux, remember, came in the back door, not the front.   
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
1/12/2015 | 12:35:17 PM
Does breakdown include US-based cloud companies
Good article, Dave. Wondering if the data breaks down the adoption rates by company origin? Specifically I'm curious about whether U.S.-based cloud companies are losing ground in Europe because the data has been judged (thus far) to be still within reach of US search warrants. Also, do you see any change if Microsoft prevails in its suit go protect data stored in the European cloud...
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-14
An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user.
PUBLISHED: 2021-04-14
An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the va...
PUBLISHED: 2021-04-14
An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user.
PUBLISHED: 2021-04-14
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead...
PUBLISHED: 2021-04-14
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details.