ENTERPRISE ADOPTION OF PUBLIC CLOUD continues to
leap ahead, with Gartner forecasting global spending on infra-
structure as a service (IaaS) to grow nearly 40% this year. But
public cloud isn’t the answer to every problem, and in some
cases, it never will be.
Some regulated industries may never move their mission-
critical applications to the public cloud, because of data
locality, ownership, privacy, and other requirements. Latency-
sensitive applications may also need to stay in an on-premises
data center, because of the inherent limitations of long-
distance networks.
Public cloud presents particular challenges to regulated indus-
tries. Restrictions may apply regarding where data is physically
located, who can access it, and how it is governed. Privacy laws
apply in some jurisdictions, as do rules about specific forms of
encryption and data protection. In addition, there have been
numerous recent incidents of data’s being inadvertently left in
the open due to human errors such as misconfiguring cloud
servers or making simple mistakes. Such oversights are among
the biggest sources of cloud-based data exposure, accounting
for 82% of vulnerabilities analyzed by security software vendor
Outpost24.
