The economic returns of deploying IT security to a cloud platform are clear, including elimination of up-front capital expense, minimization of operational costs and fewer technical resources required. We have heard the benefit statements time and time again from both the vendor and analyst communities.
For example, in a recent survey, it was found that large companies can easily save 50 to 80 percent by moving e-mail security to the cloud and more than 40 percent by moving e-mail archiving to the cloud (versus on-premises approaches).
Despite the benefits, the adoption of cloud-based e-mail security solutions is still a very gradual process for most companies. It can be hard to cut through the marketing hype when nearly every vendor seems to be making a cloud claim. The following are some key questions enterprise IT buyers should ask when evaluating cloud-based e-mail security services. These will help IT buyers to find a service that's trustworthy, reliable and, most importantly, effective.
There is a major misconception in organizations across industries that data stored in the cloud is inherently risky. However, the truth of the matter is that it depends on the type of cloud and the quality of the encryption services that protect the data. In most cases, data in the cloud may be safer than storing it on-premises since there are additional security measures such as double-blind encryption to ensure that customer data is properly protected. On-premises breaches can cause even worse nightmares if appropriate disaster recovery or backup measures are not taken.
The key security questions to ask cloud vendors are 1) how they are protecting your data and 2) what tools they use to protect it from third-party access.