The misperception is that data (primary data or back-up data) that resides in "the cloud" is vulnerable to intrusion or theft by others. The truth is that today's server installations have been deemed secure enough by many leading Internet-dependent companies and organizations, like Google, eBay, Verizon and even the U.S. Government.

Enterprise cloud computing - or "the enterprise cloud" - brings infrastructure-as-a-service to any business. It allows for dynamic allocation of required resources designed to scale as client capacity and performance needs grow. Security is inherent to the solution. Though data is located in an array of shared servers - which helps keep costs down, individual content is discrete and protected. Content is accessible via a password protected Web dashboard. Firewalls and intrusion detection applications are manned by certified security specialists. Servers themselves are locked in "cages" in a highly secure data center. Simply put, client data - and the server it resides on - are locked down.

As with many cloud computing providers, clients should rely on the vendor's expertise as much as the service itself. For example, at I-BN, our rules and practices are designed to protect client content from various threats. For example, our latest products secure against "SQL injection." Also called SQL insertion attacks, this process seeks to exploit security vulnerabilities in the database layer of an application.

Client remote access is gained via Hypertext Transfer Protocol Secure (HTTPS). This combines HTTP with SSL/TLS protocol to secure network identification and encrypt communication - creating a secure tunnel for the session. We also comply with Sarbanes-Oxley in requiring clients change passwords every 90 days.

No one can protect against every threat. The greatest vulnerability to your cloud service - beyond a disgruntled employee who has access and seeks to cause malicious damage - is a password written on a sticky note stuck to the monitorQuestions arise because the cloud technology is somewhat new and there is a level of misinformation and uncertainty. As a result,they fear their data will not be secure on a cloud-based server. They worry it will become immobile and they'll be locked in - either by contract or data incompatibility between platforms - should they plan to move to another provider. So they seek a lower-cost, easier to comprehend alternative. This often ends up being a friend "in the computer business," or an employee who claims to know how to back up data or set up a private cloud installation.

Gary Feldman

• Email

A pioneer in the ASP market, Gary Feldman formed I-Business Network in 1999 as an outsourced application hosting service focusing on mid-market ERP systems. He achieved the first ASP agreement with Sage Software (State of the Art), Advanced Software Development Company and SAP Americas (for SAP Business One). Feldman also helped I-BN to innovate ERP deployment through the use of pre-configured databases with rapid deployment and subscription/fixed fee pricing.

I-BN was one of the first ASPs in this space to provide virtualized services and cloud computing to the mid-marketl. It is currently developing tools and techniques for automation of both technical and ERP provisioning for SAP Business One and Sage MAS EES to reduce total cost of ownership through application hosting.

Feldman was formerly an executive with Accenture and was a CIO for a mid-market company. He began his career as a CPA specializing in audit and accounting information systems with BDO Seidman and founded a consulting practice with a regional CPA firm.