This is because the private cloud, rather than a public or hybrid cloud, bears the closest resemblance to the virtualised infrastruture that IT departments have implemented and where they are able to maintain control.
“The decision in the next year or two will only be about the private cloud,” Eric Domage, programme manager for EMEA software and service group at IDC, told the analyst’s Virtualisation and Cloud Security Conference in London.
“The bigger the company, the more they will consider the private cloud. The enterprise cloud is locked down and totally managed. It is the closest replication of virtualisation.”
The lack of privacy in the public, cloud is a significant issue, Domage said, pointing out that most hacking incidents happen in the consumer cloud.
Domage could not say definitively if businesses should leverage virtualisation security for cloud computing, but he said: “We should give it a try.”
He described virtualisation as “safe” and “compliant” and said that virtualisation security “should” ensure the adoption of cloud computing. However, IDC believes that there is a still a gap between the security many end-user organisations need and the vendors’ ability to provide cloud security.
“Today, there is no end-to-end encryption possible in the cloud,” Domage said.
He urged delegates at the conference to “please consider more private cloud than public cloud.”
According to Domage, businesses should try to apply the security principles they have used in virtualisation for their cloud operations. With cloud adoption often being driven by the business, rather than IT decision makers, and with cloud being used for small business processes or short-term projects or workloads, it is important for IT to assert basic management and security principles, he added.