The newly published KPMG IT Outsourcing Service Provider and Performance Satisfaction Study 2014/15 suggests that UK businesses are not adopting Cloud-based services at any significant rate, instead preferring to outsource their IT function to improve service delivery.
As part of its global analysis of 2,100 contracts, the study examined more than 330 UK-based IT contracts, and found that “71 percent of UK organisations are spending a mere 10 percent, or less, of their IT budget on Cloud services.” Many organisations in the UK prefer to outsource their IT function instead – 51% to India, 8% to Poland, and 8% to South Africa.
Asked about their reluctance to employ Cloud services:
- 26% of UK respondents cited concerns about security, privacy risks and data location.
- 16% were concerned about regulation and compliance.
- 15% expressed wariness about “the ease with which Cloud services can integrate with legacy IT systems”.
Budgetary limitations continue to play a major part in IT outsourcing: 43% said they plan to increase spending in the next two to three years. In last year’s survey, this figure was 77%.
Asked why they outsourced:
- 20% were motivated by quality improvement.
- 16% cited access to skills.
- 6% expressed a desire to reduce the time it takes to “get things to market”.
The decision to outsource may also be a reaction to new UK and EU data protection laws – such as the General Data Protection Regulation – and, possibly, concerns about state surveillance. Outsourcing isn’t an ideal solution to legal constraints, however: both the UK Data Protection Act (DPA) and the EU Data Protection Directive limit what information can be transferred outside the European Economic Area.
If you’re concerned about business efficiency and the security of your organisation’s information assets, an information security management system, as set out in the international best-practice standard ISO 27001, will help address both.
An ISO 27001-compliant ISMS streamlines your existing business processes, bringing them into line with international best practice, allowing you to take an enterprise-wide approach to information security management while increasing the efficiency of your security function.
For more information on ISO 27001, and how IT Governance’s ISO 27001 Packaged Solutions can help businesses of all types implement an ISMS at a fixed price, click here >>
For more information about Cloud-specific data protection, see our new pocket guide, Data Protection and the Cloud – Are the risks too great? Click here for more information >>