Magazine Article | July 18, 2012

How To Overcome Cloud Security Objections In 5 Minutes

By Jay McCall, Business Solutions Magazine
networking and managed services editor

IBM announced recently that it banned the use of DropBox for corporate use due to security concerns. Around the same time, it was also reported that presidential candidate Mitt Romney’s personal cloud storage account was hacked. You might wonder what this has to do with your present or future cloud storage sales. It actually has a lot to do with it. News about security breaches has a way of spreading rampantly, and whether you’re currently selling or planning to sell cloud services, you’re going to need to know how to overcome cloud security objections. Keeping up to date with articles that highlight cloud security breaches is a good first step.

In other instances, you’ll run across prospects that have no clue or don’t care about the latest cloud security issues. In that case, their big objection to your offering won’t be about security; rather it will most likely be about price. Why should they pay what you’re asking for your service when they can get 7 GB of free online storage via Microsoft’s SkyDrive or a myriad of other cloud services? The advice offered above applies to this scenario, too. For instance, using the two examples mentioned earlier, you could ask a prospect, “How much did Mitt Romney have to pay to minimize the damage caused by someone hacking into his free cloud storage account?” Or, “How costly would it have been for IBM if one of its employees’ DropBox accounts was hacked?”

Here are four differentiators you could highlight to your customers to further contrast your offering with a typical consumer-grade service:

1. Enterprise cloud data is stored in an SSAE (statement on standards for attestation engagements) 16 data center. This includes not only a high level of network security, but physical security and business continuity features as well.

2. Their data will be encrypted before it leaves their facility and during transit.

3. Their data will be further protected via granular access rights based on user roles. This is often the Achilles heel of consumer-grade services, which even if they do have adequate physical and network security features built-in, leave the end user vulnerable by allowing an easily hacked user name and password combo.

4. Centralized administrative control. When employees share sensitive data across a consumer-grade cloud service and one employee quits or is terminated, it can be difficult for the business to keep the former employee from gaining future access to its data. In an enterprise model, however, someone can be designated as the administrator of the account, and that person can add or remove individuals easily via a single sign-on portal.

Only when your customers realize the difference between consumer-grade and enterprise-grade cloud services will it make sense for them to consider your offering. Until that point, however, you run the risk of them viewing you as an unnecessary middleman.