Since the emergence of cloud computing, cloud storage or anything that has to do with cloud, more people, especially businesses, have moved to it.  Since the beginning, the main issue has always been the security of using cloud.

In 2010, Ponemon Institute conducted the first Security of Cloud Computing Users Study sponsored by CA Technologies, and this year, it published the follow up regarding the study.

In a survey conducted among 748 IT and IT security practitioners located in the US, 64 percent of respondents who have an average of 10 years in IT or IT security are at the supervisor or higher level in their respective organizations.

The study showed that though cloud security is improving there are still major concerns about the service that’s triggering the slowed adaptation to the cloud.

One of the main concerns is how SaaS and IaaS, though security has been improved, only 51 percent and 49 percent, respectively, evaluate the services before deployment which means that the service providers aren’t 100 percent sure that their clients will be protected in using their service.  This also meant that the burden of being responsible for cloud security lies in the end user.

Though majority of organizations believe that cloud service providers should be the one responsible for taking care of cloud security, 79 percent of the respondents stated that end users should be minding cloud security while only eight percent stated that IT and IT administrators should be the one responsible for minding cloud security.

The big question now is, why aren’t IT and IT admins taking care of cloud security?

The main reason is because there is no clear definition as to who should really mind cloud security.  So instead of pointing fingers as to who should be responsible, ITs, end users and cloud service providers should collaborate in securing cloud.

“One of the primary challenges is for organizations to encourage greater cooperation and collaboration between IT security and end-users,” the study concluded.  “The purpose should be to align the mission of improving security of cloud computing with the organizations’ business goals. Through such a partnership, the adoption of consistent, well-defined security practices can be shown to support business innovation, cost effectiveness and competitiveness.”