Industry Solutions and Trends
Technology is more than just networking and Juniper experts share their views on all the trends affecting IT

‘Tis the Season of Goodwill; so let’s put the record straight on Cloud Security

by Juniper Employee on ‎12-20-2011 04:38 AM

‘Tis the Season of Goodwill; so let’s put the record straight on Cloud Security


Security is oft touted as the number one inhibitor to cloud adoption, but is there grounding for this in technology terms?


I know you probably have your mind on some last minute Christmas shopping or maybe how you can survive the office party so I’ll keep this posting at a high level and not delve deeply into the many and varied aspects of security, privacy, risk perception etc. I will however recommend a excellent article called ‘Risk Perception and Trust in Cloud1‘that covers such issues in much greater depth.


So, back to the question – why does security get highlighted as a major inhibitor to cloud adoption?


Juniper has been the market leader and segment leader2 of secure remote access solutions for many years and almost all enterprises will have a secure means of accessing business services over the Internet, be they in-house or hosted. Is cloud really all that different?


‘What about virtualization?’ you may say. Well, yes, that is a more recent innovation but even that has been around for many years and we are now at a point where solutions are available to implement security in the virtual world just as you would in the physical one. So virtualization may make things a little more complex but it certainly doesn’t prevent secure service implementations to be deployed.


So why does survey after survey put forward ‘security’ as the major inhibitor? What’s so different about cloud service models versus well established remote application access?


I think the answer lies in people. As people, we have feelings, instincts, concerns and emotions. When we look to implement change, emotion is a strong influencer. The emotion of the change surfaces in the form of an aversion to risk. Change is possibly one of the biggest risk factors facing IT managers today and the fear of a ‘bad change’ is considerable. However, not making change is also a massive risk as technology races ahead and so may the competition.


Within the enterprise an emotional commitment from all business functions, not just IT, can help drive change.  Where the risk benefit can be understood by all, so a culture of change can be supported and encouraged; rather than waiting to jump on IT if a change goes bad. As I discussed in my blog ‘Meatballs and Spaghetti’, this requires a translation from technical language into business language. Security solutions are re-positioned as business risk and business impact. People can then relate emotionally to the need and purpose for change.


I believe a similar but inverse situation exists between the enterprise and the cloud service provider. The fundamental emotion in this instance is trust. Can the enterprise trust the provider with its business data and processes? Of course, it’s difficult to specify ‘trust’ in an RFP, so a different language is used. The emotional language of trust is replaced with the technical language of security. Hence, in a way, security gets the blame when in reality security technology per se is not the issue but rather the holistic manner in which security and process are applied in the context of trust.


So if security becomes an ‘attitude to risk’ conversation inside the enterprise, it becomes an ‘attitude to trust’ conversation between the enterprise and the provider. As a provider, you need to be able to address the emotional needs of the customer. ‘Security’ is not the issue. People buy from people they trust.


A very merry Christmas and happy new year to you all – be secure, be safe.


Nigel Stephenson

Head of Cloud Services Solutions Marketing, EMEA



  1. Risk Perception and Trust in Cloud. ISACA Journal (2010)
  2.  Gartner Magic Quadrant for SSL VPNs. (2011)


by Juniper Employee on ‎12-20-2011 01:48 PM

Nigel, I'm with you; trust is critical to winning the hearts and minds of so many in an IT age. What perplexes me is how we overlook the lessons we have already learned. For instance, centralized offsite storage is nothing new. For a quarter of a century and more many corporates and government departments have placed the archiving of documents in the hands of third party suppliers.


Traditionally this is a warehouse somewhere, and the documents are stored under the same roof as those from other enterprises. "Security" was probably handled through a contracting mechanism and I doubt many customers take it on themselves to visit the facility to "check it out". Now fast forward to a cloud scenario and what changes? Whilst the form is different the concept remains the same but our approach, for some reason, is very different.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.