The (Sometimes Dangerous) Power of Perception

I had a conversation with someone this morning that suggested I join a customer advisory board. He recommended it, in part, over a board of directors because, as he put it, the latter takes more in-person time and “it’s difficult to get to other places from Seattle. For example, it would be difficult to get to a place like Omaha.”

This individual’s perception about getting to and from Seattle was right — perhaps 15 to 20 years ago — but that’s no longer the case. For example, I fly Alaska Airlines for most of my business travel and to about 98 percent of the places I travel in the US, Alaska has a direct flight. Plus, in the 26+ years I have been flying Alaska, I have had only three connecting flights — twice to Orlando and once coming back from Las Vegas. That’s three flights out of my too-numerous-to-count flights on Alaska in more than 26 years!

The perception of Seattle as a distant outpost is shared by many, particularly NFL commentators who will periodically tell viewers about the difficulty encountered by teams coming “all the way out” to Seattle. But looking at actual data reveals that for the Jets or Giants to visit the Seahawks they would fly 146 fewer miles than if they were visiting the 49ers. If the Patriots visited the Seahawks, they’d fly 115 fewer miles than if they visited the Rams.

So, perception is often wrong and it has consequences. Much more seriously than the misperception of Seattle as out somewhere past Siberia is the perception by many that the cloud is less secure than on-premises solutions. For example, you can read about the “insecurity” of the cloud, or decision makers’ perception of its insecurity, here, here, here, here and here. However, an examination of the biggest and most damaging breaches of highly sensitive or confidential data over the past several years reveals that the vast majority of these were exfiltrations of data from on-premises systems, not those in the cloud. Even as far back as 2012 the Alert Logic Fall 2012 State of Cloud Security Report noted that users of service provider solutions experienced less than half the number of security incidents than users of on-premises systems. More recently, Infor concluded that, “Cloud vendors typically offer a much higher level of data center and virtual system security than most organizations can or will build out on their own.”

While on-premises solutions can be highly secure, data stored in the cloud is generally. more so. Cloud providers enjoy economies of scale in rolling out security capabilities that most organizations with on-premises systems cannot achieve. The cost of security for cloud providers is generally much lower on a per-customer basis than it is for those that manage security in-house, allowing cloud providers to do more on a dollar-for-dollar basis. Cloud providers suffer from insider threats much less often than do their on-premises counterparts. And, the very existence of cloud providers is much more dependent on maintaining the security of their customers’ data than it is for companies that maintain their own systems on-premises, giving cloud providers the stronger incentive to get security right.

Within the next few weeks we will be publishing a white paper focused on cloud security in which we will be exploring the key issues that decision makers should understand as they consider security in the cloud vs. on-premises.

And, Alaska offers a daily non-stop to and from Omaha.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s