Small and midsize companies in the cloud reap security, privacy and reliability benefits

REDMOND, Wash. — June 11, 2013 — A study released today reveals that, in addition to time and cost savings, small and midsize businesses (SMBs) in the U.S. that use a cloud service gain significant security, privacy and reliability advantages compared with companies that have not adopted the cloud. The study, commissioned by Microsoft Corp., shows that perceptions of the cloud held by nonusers directly contrast with the real experiences of cloud adopters.

“There’s a big gap between perception and reality when it comes to the cloud. SMBs that have adopted cloud services found security, privacy and reliability advantages to an extent they didn’t expect,” said Adrienne Hall, general manager, Trustworthy Computing, Microsoft. “The real silver lining in cloud computing is that it enables companies not only to invest more time and money into growing their business, but to better secure their data and to do so with greater degrees of service reliability as well.”

The Microsoft study, which did not qualify participants by product, service or vendor, asked SMBs that have not adopted the cloud what was holding them back:

• Sixty percent cited concerns around data security.

• Forty-five percent worried that using the cloud would result in a lack of control over their data.

• Forty-two percent doubted the reliability of the cloud.

In stark contrast, the study found that the experiences of SMBs that use cloud services contradict these concerns:

• Ninety-four percent have gained security benefits they did not have with their former on-premises technology, such as up-to-date systems, up-to-date antivirus and spam email management.

• Sixty-two percent have seen increased levels of privacy protection.

• Seventy-five percent have experienced improved service availability.

Seventy percent of SMBs in the study said that adopting a cloud service meant they could invest money and time savings into areas such as product development and innovation, demand creation, and expansion into new markets. Half of SMBs have pursued new opportunities because of the time they saved managing security.

An example of a business that has realized the security and compliance benefits of the cloud is DHCU Community Credit Union, a nonprofit financial cooperative. To meet the compliance requirements and security expectations of a financial institution, the organization recently moved to Microsoft Office 365.

Since its transition, DHCU Community Credit Union has experienced improved security and increased productivity, while enabling the organization to maintain its tradition of delivering excellent customer service.

“In the financial services industry, security and compliance are a critical table stake. Microsoft Office 365 gives us peace of mind that these things are being handled, and handled well. So much so that we’ve been able to reposition resources to reinvest in our business,” said Matt McCombs, president and chief operating officer, DHCU Community Credit Union. “Quite simply, the move to the cloud saved us money and freed up time to help us focus on what matters most — serving our members.”

In conjunction with the study, Microsoft has released an updated version of the Cloud Security Readiness Tool (CSRT). Based on the Cloud Security Alliance’s Cloud Controls Matrix, the CSRT is no-cost, interactive and easy to use. It enables organizations to assess the current state of the security of their IT environment and compare it to what they could expect if they used a cloud service. The updated release extends the range of industry standards covered by the tool to include European Network and Information Security Agency Information Assurance Framework (ENISA IAF) and British Standards Institution (BSI).

“Organizations are keen to understand how cloud adoption would compare with their existing on-premises policies, procedures and compliance, and that can be a complex task,” said John Howie, chief operating officer, Cloud Security Alliance. “In the Cloud Security Alliance, industry leaders have collaborated to develop best practice security guidance. Microsoft’s Cloud Security Readiness Tool builds on these efforts as it gives organizations a way to more easily evaluate cloud services against critical areas, as well as against compliance with key industry standards like ENISA IAF and BSI.”

About the study

The vendor-agnostic study, commissioned by Microsoft and conducted by independent research company comScore Inc., polled companies with between 25 and 499 PCs in France, Germany, the U.K. and the U.S. Cloud users were defined as companies using a subscription model service for data storage, email or calendar, online productivity, customer relationship management, database service, application hosting or management to manage and help secure computers, for enterprise resource planning, and/or compute capacity to run application code.

More information can be found at the Microsoft Security Newsroom:
http://www.microsoft.com/en-us/news/presskits/security.

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at http://www.microsoft.com/news. Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/news/contactpr.mspx.