As stated above, public cloud security is at the whim of the provider. This means that whatever measures the cloud service provider, like Google or Amazon, chooses to utilize, this is what customers must work with. There is no sense of control, no way to change what measures are in place, and no way to take extra time to adhere to specific threats that matter most to a customer. In essence, customers need a lot of trust in choosing a public cloud.
For smaller companies without the budget to manage high tech security, this can be an advantage – after all, the hard work is done for you. However, it does open the door for large problems from which coming back might be next to impossible.
Should a breach occur, and a breach is absolutely possible, even when it involves some of the largest tech names in the world, there’s very little a customer can do to protect data before it’s too late. In this situation, as is the case with any kind of service outages, customers are essentially left to sit and wait and hope everything is okay. It may be possible to implement backup systems in the meantime, but if all functions and job duties are handled within the cloud environment, a breach can sideline your business and leave you completely helpless.
Any breach that puts your customer information at risk can be damaging both to how you are perceived by your customers but also how you are seen within your industry. Unfortunately, if a breach wasn’t your fault, that will mean very little to those critical of your brand, especially since it was ultimately your choice to partner with a public cloud.
For those who choose a public cloud, security becomes a dice roll. While it’s unlikely that a breach will occur on a scale large enough to put your company at risk, it’s always a possibility.