Cloud service providers faced an uphill battle in 2012 when trying to recruit business from firms with especially sensitive and/or highly-regulated workloads. But now that companies have recognized the viability of traditional data security solutions and hosts have emerged with more refined risk management strategies, cloud security confidence is on the upswing headed into 2013.

Accepting accountability
One of the initial sources of cloud confusion was the misconception that companies could essentially outsource data compliance and security responsibilities right alongside their digital payloads. This realization triggered a pivotal shift in vendor relations, according to CSO Online, as cloud customers realized the need to adopt a more assertive stance when negotiating service level agreements and verifying which party was in charge of which protective components.

As Yale University CIO Len Peters suggested in a recent interview with Network World, cloud customers should ground their expectation in reality and anticipate comparable risks and challenges to what they've experienced overseeing exclusively on-promise setups. However, the business advantages of cloud migration can certainly make shouldering that burden worthwhile.

Forging progress
Customers should take heart in the fact that the majority of cloud security stumbling blocks are created by factors well within their control. According to CSO Online, poor internal access control and misaligned strategic visions are responsible for a much greater proportion of data security incidents than any phantom cloud outages or breaches. As a result, a well-enforced encryption policy could help companies significantly limit their vulnerability before the data ever begins its journey to the cloud.

But at the same time, they can also expect to see a number of important advances to emerge from their technology suppliers. As cloud providers grow more cognizant of where their vulnerabilities lie, Network World noted that the market could see an infusion of cloud security solutions that incorporate data loss prevention, encryption and authentication principles from the very start. 

As a best practice, if companies want to feel confident that their sensitive data is secure in the cloud, they should encrypt the data prior to sending it to the cloud.