Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


05:43 PM
Connect Directly

Microsoft: SMB Cloud Security, Privacy Concerns A Matter Of Perception

Survey finds some SMBs afraid of going to the cloud for security reasons -- and other SMBs loving the cloud for security reasons

What keeps one small to midsize business (SMB) away from cloud computing keeps another SMB sold on it: security.

A new blind survey conducted by comScore and commissioned by Microsoft shows that security is the No. 1 deterrent for SMBs that are forgoing the cloud, and also the biggest payoff for those that are adopting cloud services. Sixty percent of SMBs in the U.S. that don't use cloud services point to data security as a top reason for not going there, while 94 percent of SMBs that subscribe to cloud services say cloud gave them security features they didn't have pre-cloud. Around 50 percent of them also say cloud gives them better security.

"Many of these SMBs are more concerned about cloud security than they should be. We know this because we are [also] talking to people who use the cloud," says Tim Rains, director of Trustworthy Computing at Microsoft. "What we're trying to do by sharing these findings is to help bridge the cloud perception gap -- the perception on security, privacy, and reliability, which have been barriers."

The survey, which polled around 100 SMBs with cloud and 100 without, also found that 45 percent of SMBs who don't use cloud services say they are worried about losing control of data in the cloud, and 42 percent haven't gone cloud due to concerns about reliability. Nearly 40 percent say compliance is holding them back from cloud. The SMB survey respondents had anywhere from 25 to 499 PCs in their organizations.

More than 90 percent of SMBs that have adopted one or more cloud services -- data storage, email/calendar, online productivity, customer relationship management, database service, application hosting/management, management/securing computers, enterprise resource management, or computing capacity for running application code -- say cloud providers made it easier for them to meet compliance, and 55 percent have reduced the time they spend managing security now that they use cloud services. Some 62 percent say their privacy protection has improved, and nearly half are confident in their cloud provider's ability to manage data privacy.

Reliability also got high scores: Ninety-six percent of SMBs using cloud services say they are confident of restoration in the event of an outage, and 73 percent are more confident in "the integrity" of their data in the cloud.

Microsoft's Rains says the survey demonstrates misconceptions about security, privacy, and reliability of cloud services. "When they embrace cloud, they found the benefits outweigh their concerns," he says. "Those with business applications in the cloud had better service availability and support during outages than their non-cloud counterparts."

Time was another win for SMBs in the cloud, according to the survey: Fifty percent say they were able to pursue other projects because they were spending less time managing security.

"We wanted to better understand the perceptions of cloud small businesses have ... from those who have not deployed cloud from a security and reliability [perspective] and compare with those similar companies with real experience who have adopted the cloud," Rains says.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/11/2021
Cybersecurity: What Is Truly Essential?
Joshua Goldfarb, Director of Product Management at F5,  5/12/2021
3 Cybersecurity Myths to Bust
Etay Maor, Sr. Director Security Strategy at Cato Networks,  5/11/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google Maps is taking "interactive" to a whole new level!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-18
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research.
PUBLISHED: 2021-05-18
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business S...
PUBLISHED: 2021-05-17
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post.
PUBLISHED: 2021-05-17
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component " /admin.php?action=page."
PUBLISHED: 2021-05-17
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images."