I was looking for some numbers in support of my belief that we should focus more on enabling organizations to benefit from cloud applications, rather than sticking with the “on premise security” mantra of control and prevention. Any applications or services consumed from the cloud just can't be as tightly controlled by the enterprise IT as anything operated within their own environment.
I found these articles:
I share the view expressed by the author in the conclusion of this article:
"If anything, it seems like IT needs to shift away from its role as gatekeeper to instead being an enabler, one that finds different ways to deliver security. For example, Apigee enables enterprises to secure sensitive data rather than the devices or apps running beyond IT's control. These and similar measures may be ways for IT to remain relevant in a cloud-dominated enterprise, one that doesn't need or seek IT's permission to spin up another EC2 instance or start a Dropbox shared storage space.
