While many organizations are recognizing that cloud technologies can improve business agility and efficiency, security and privacy remain a top hindrance toward widespread adoption, according to industry experts.

Despite the traction that cloud has gained in the past year, a recent Ovum (News - Alert) study concluded that business barriers to using cloud computing and communications services remain. Fifty-eight percent of respondents claimed security was a critical barrier to adoption, and this is strongly reinforced by their next most significant concerns: data governance (54 percent), use of public internet infrastructure (40 percent), and loss of control (39 percent).

Compliance regulations would appear to present complex challenges for businesses considering migration toward the cloud. However, it is a common misunderstanding that such regulatory compliance requirements preclude many organizations from being able to leverage outsourced, managed cloud services. 

Federal and state laws and industry regulations such as HIPAA and PCI (News - Alert) require strict controls on what kind of data can be stored, who can access it and where it can be stored.

Similarly, issues surrounding European privacy and regulations seem to inhibit many of the potential gains companies can achieve with cloud-based services. But in reality, cloud evangelists say it is possible to be both cloud-agile and European-compliant. What is required is an intelligent use of hybrid cloud, enabled by flexible, yet, effective controls over data and access.

Critical to this thinking is an approach to security that is based on “know” rather than just saying “no.” Clarity (News - Alert) of who is accessing data and where they are accessing it from, will answer almost all compliance challenges.

While cloud services are a long way away from being fully compliant with all the regulatory requirements, organizations can still benefit from them if they are able to differentiate between the types of data and applications that can or cannot be stored in the cloud, and by negotiating the proper service level agreements to ensure security and access.

In an upcoming webinar, Charles Weaver and Luke Forsyth will discuss how many of CA Technologies’ (News - Alert) customers are addressing these issues of being secure, compliant and agile, all at the same time.