The rapid adoption and move to public cloud highlighted by the near ubiquitous adoption of some of the largest SaaS applications in the world such as salesforce.com, Workday, Netsuite and others, has proven that companies across all industries believe that their data is safe in the cloud.
In fact, some of the largest financial institutions such as Capital One, one of the nation’s largest banks and offers credit cards, checking and savings accounts, auto loans, rewards, and online banking services for consumers and businesses, are using Amazon Web Services (AWS) as a central part of its technology strategy. As detailed in this case study, Capital one plans to reduce its data center footprint from eight to three by 2018.
Capital One selected AWS for its security model and for the ability to provision infrastructure on the fly, the elasticity to handle purchasing demands at peak times, its high availability, and its pace of innovation.
AWS has also been deployed by other major enterprises and government institutions across the globe including the CIA. In fact, the CIA raised more than a few eyebrows when it selected Amazon over IBM, even when IBM was the lower cost option.
What of the data, though? Intelligence agencies are drowning in it, collecting and analyzing an amalgamation of information from sensors, satellites, surveillance efforts, open data repositories and human intelligence, among other sources. Is that data really secure in the cloud? The CIA is convinced it is. - Article: The Details About the CIA's Deal With Amazon.
Back in 2014, CIO Doug Wolfe provided an in depth look into the decision. Turns out that the CIA paid a premium, not just for the infrastructure-as-a-service, but for the availability of the applications. He name checked AWS’s Kinesis and Redshift applications as offering the kind of capabilities that the CIA needs, while also highlighting AWS’s Marketplace storefront.
However, many companies understandably still have doubts and fears around moving their data into public cloud. This paper provides a guide to cloud security and a comprehensive list of security questions that can be used as a reference for organizations to confidently evaluate their hosting options, a comprehensive modern data management Platform as a Service (PaaS) as well as the benefits of having secure data-driven applications delivering insights directly to frontline business users.