Organizations Moving Email to the Cloud Despite Security Concerns

Anthony Freed
By | October 16, 2012

Posted in: Network Security Trends

The rapid pace of migration to managed services by organizations continues to gain momentum despite well-founded concerns over data security and complicated legal issues related to maintaining regulatory compliance.

Leading the trend is the adoption of cloud-based communications with a staggering 83% of respondents indicating they intend to outsource their email needs to third-party service providers by the end of 2014, according a new study conducted by Osterman Research.

While larger organizations with more than 5,000 employees are slower to move to the cloud, with less than two-thirds indicating they are ready to make the jump, more than 90% of smaller companies confirmed they will enlist cloud-based email services over the next two years.

The study also found that non-regulated industries are more swiftly making the change, with 99% stating they will switch to third-party email services, while only 60% of their regulated counterparts will do the same by 2015.

"Cloud-based email for large and regulated enterprises is clearly in a slow adoption phase, but this is a good sign. Many organizations are merely exercising due diligence in identifying all the hurdles, including Big Data which may be a bigger security threat to businesses than many currently realize," said Michael Osterman in a press release.

Those taking their time to make the jump to the cloud cite logistical hurdles resulting from a myriad of applications, filters, routing components and other technical obstacles that complicate the migration process, as well as having concerns about effectively governing the flow of massive amounts of data between the in-house and outsourced platforms, while 37% of the survey respondents expressed no worries regarding security and compliance issues.

Driving the trend behind cloud computing is the savings realized by reducing investments in hardware and the support staff required for maintenance of on-premise data centers, but the saving comes at a price of losing elements of control when it comes to data loss prevention, as well as regulatory and legal liability.

"Once this discovery and planning phase is completed over the next year, I think cloud-based email will hit its stride as the data strongly suggests," Osterman predicts.

For those contemplating the adoption of cloud-based services, the Center for Internet Security (CIS) released a report which examines a wide range of key issues organizations should consider, including patch management, access control assurance, and resource allocation.

Also available for guidance are the National Institute of Standards and Technology's Cloud Computing Synopsis and Recommendations released earlier this year which present "an overview of major classes of cloud technology, and provides guidelines and recommendations on how organizations should consider the relative opportunities and risks of cloud computing," according to the NIST.

Of note for those specifically looking to migrate corporate communications to the cloud is a controversial decision made last week by the South Carolina Supreme Court, which ruled that correspondence stored by email service providers is not protected from unauthorized access under the Stored Communications Act (SCA), a decision that should prompt legislative action.

You May Also Be Interested In: