A recent report commission by CA Technologies Inc. looks at the growth of the use of cloud services and the evolving attitudes to the security of these. This report shows some interesting findings: For instance: Europe is catching up with the US, with “38% of the European respondents using cloud for two to three years.” As compared with “55% of the companies in the US have been in the cloud for three or more years”.
This finding is confirmed by the recent announcement by salesforce.com that they have signed an agreement to establish European data centre in the UK in 2014. According Marc Benioff, Chairman and CEO, salesforce.com “Europe was salesforce.com’s fastest growing region in our fiscal year 2013, delivering constant currency revenue growth of 38%”. This same press release includes a forecast from IDC “that Europe’s public cloud software market will grow three times faster than other IT segments, at a CAGR of 30% to reach €23.9 billion by 2017”.
One of the reasons for opening the European data centre given by salesforce.com at their Cloudforce event in London on May 2nd was to answer security concerns of EU governments and organizations relating to the location of their data. While security concerns remain a key issue for organizations adopting the cloud - the CA Technologies Inc. report discusses the “Security Contradiction”. According to this report “Ninety-eight percent of enterprises surveyed reported that the cloud met or exceeded their expectations for security”. At the KuppingerCole European Identity & Cloud Conference held in Munich May 14-17, 2013 one session given by UK organization described that they had moved to the cloud primarily for security reasons.
So – according to these reports - it would seem that the cloud is blossoming in Europe and that customers believe that cloud providers are coming good on their promises around security. However our advice remains “Trust but Verify” - using the cloud inherently involves an element of trust between the organization using the cloud service and CSP. This trust must not be unconditional and it is vital to ensure that the trust can be verified. Organizations still need to have a fast reliable and risk based approach to selecting cloud services as described in our Advisory Note: Selecting your cloud provider - 70742.