As we’ve stated before, the top concern clients and prospects give us for moving to the cloud is security. I work with the insurance sector, and the insurance cloud and security topic is particularly acute given the amount of sensitive data that providers must protect. The perception is that cloud computing doesn’t offer the security that a standard hosting model does.

Yet this is not the reality. Cloud solutions can actually reduce security risks. As we’ve explained and demonstrated to clients, we reduce risks via several factors, including:

• Planning for security upfront by incorporating methods such as in-flight encryption that provide for secure connections
• Providing well defined processes, down to the point of separation of duties to ensure not one person can circumvent the model, thus eliminating those “back doors”
• Delivering federated security services that segregate data—which can’t be pieced together if hacked—and performing active directory checks to continuously check information access rights
• Using strong identity and access management (read our related blog post: Cloud provider with identity and access management expertise vital)
• Leveraging repeatable processes and defined models from providers that have proven they can deliver successful and secure cloud computing engagements

Insurance providers, and organizations like them, should take advantage of private clouds—whereby data stays 100% segmented—to ensure additional cloud security.

The key is to separate perception and reality and speak to your prospective vendors about their cloud security model. This will enable you to take advantage of the cloud—improving your flexibility and costs—while remaining secure.