Only 23 percent of 200 IT professionals in a new survey said they are concerned about a lack of perimeter security and network controls in public cloud services, and some 36 percent already use public cloud services for sensitive applications, like human resources, CRM, and ERP. More than 30 percent use cloud for internal testing and development, and 29 percent for hosting e-commerce applications.
Not surprisingly, the No. 1 use of public cloud is for external applications, according to the data released by cloud server security firm CloudPassage.
Private cloud is the No. 1 type of cloud service in use, with 36 percent of the respondents; public, 22 percent; and hybrid, 20 percent. Four out of five respondents are using some form of cloud in their organizations, the survey found.
More organizations plan to go cloud in the next year: Seventy percent more will employ public cloud in 2013 than this year; 31 percent more plan to increase media hosting via cloud; and 29 percent more plan to increase cloud-based software development and testing.
"I was a little surprised that four out of five said they have some usage of the public cloud. I didn't think it was that high," says Andrew Hay, chief evangelist at CloudPassage. "The idea of temporary workloads for bid data was always what I had in mind as to why you use public cloud. It's nice to see that 70 percent [more] are looking to public cloud. People are becoming more comfortable putting some of their computational number-crunching [there] instead of keeping it behind locked doors."
But, overall, organizations still have some reservations about public cloud services, in general. Nearly 70 percent ranked security as their biggest worry; 45 percent, achieving regulatory compliance; and 38 percent, loss of control.
"This survey shows that people adopting and pursuing public cloud projects ... haven't forsaken security," Hay says. "They still have a caution about them about adopting a new platform, which is good. Healthy skepticism is a good thing."
Most organizations (78 percent) are aware that security of servers, algorithms, and data in the public cloud is their responsibility, not that of the cloud provider's. "A year ago, [many organizations] would say, 'I operate on PCI-compliant cloud,' but that doesn't mean what they [thought it meant]," Hay says.
Hay says cloud adoption is no longer just about cost savings. "It's a rush to long-term automation and scalability, and with that comes security. They go hand-in-hand," Hay says.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.