For many administrators, security is a concern that holds them back from migrating services to the cloud. In reality, though, security of the cloud is one of its significant benefits.
Companies that provide cloud-based services often invest more money in security than an individual institution of higher education. So the level of protection will likely be much higher than with on-campus hardware. Also, protecting, encrypting, and storing data—along with keeping it private—requires specialized expertise that cloud-based service providers have, but many colleges and universities don’t. Especially in this age of data privacy laws, like the General Data Protection Regulation in the EU, California’s data privacy law and others, you don’t want to risk a data security error.
Mike Scheuermann, retired Associate Vice President of Instructional Technology and Support at Drexel University, argues
that higher education should get out of the data security business and focus on its core competencies.
“Data security and all that it represents is challenging and detailed business—it requires knowledge, expertise, and credentials that are increasingly rare and specialized (read: very expensive),” Scheuermann wrote
. “Higher ed simply cannot afford to keep paying higher and higher salaries to attract these experts, let alone develop and retain them. Whether moving to a public cloud, a private one, or some sort of hybrid, the expertise that comes with cloud-based services is cutting-edge. That is their set of core competencies, and they cover all of these areas. In moving to the cloud, we in higher ed would be able to return to our own core competencies, focusing on and funding our research endeavors as well as our teaching and learning initiatives.
”Even though the cloud may be more secure than on-campus equipment, it’s still essential to reduce security risks by choosing the right vendors when moving services to the cloud.
Dominican University’s Jill Albin-Hill, Vice President for Technology and Operations, told University Business
that the security concerns of the cloud of five years ago have been alleviated. Still, though, it’s essential to have a “well-vetted contract” and ensure your cloud-based service provider complies with its terms.