Both existing and potential cloud users are worried about issues like security, auditability and lock-ins, an IDC survey has found.
The key message from the pan-European survey of almost 700 IT decision-makers, released this week by the analyst firm, was there was still a long way to go before we see widespread cloud adoption.
IDC's Governance and the Cloud survey focused on eight areas of concern - from both a user and a potential user perspective - and found barriers to the wider adoption of cloud were more complex than many in the industry might suspect.
While focused on governance, the survey also drilled-down into perceptions of security, data location, auditability, upgrades, service provider lock-in, interoperability and service level agreements including end-to-end SLAs.
The results were broken-down to show the concerns of full cloud users (281 organisations), limited users (181 organisations) and non-users (231 organisations).
Analyst David Bradshaw said governance itself did not seem to be the big hindrance to cloud adoption.
"Indeed, it is almost the reverse, that user organisations that say they have full use of the cloud in one or more areas actually show more concern over governance issues than those that say they do not use the cloud at all," he said in the report.
The study found many differences in the concerns held by full and non users.
"Two specific areas of concern, data location and control over upgrades, are mentioned by a significantly higher proportion of non-users of the cloud than users, and therefore need to be addressed by cloud vendors seeking to market to the late majority' of user organisations," he said.
"Perhaps of more concern, those organisations that are most committed to the cloud have the most concerns. This is likely because they have issues that they have to take into account on a day-to-day basis while managing their over-all IT estate."
About 43 per cent of full users were concerned about security, compared to about 39 per cent of non-users and 33 per cent of limited users.
Auditability was of concern to about 36 per cent of full users but only about 27 per cent of non-users.
UK respondents were the most likely to be concerned about auditability and the least likely to be concerned about interoperability.
More current users were worried about contract lock-ins (33 per cent) compared to those yet to move to the cloud (24 per cent).
Non-users, however, were vastly more concerned about upgrades (about 36 per cent), compared to non-users, (about 26 per cent). The location where data was stored concerned about 39 per cent of non-users, while those who had already taken their first steps into the cloud were far less worried (30 per cent).
Bradshaw said cloud vendors needed to examine their security, auditability and lock-in policies because these areas caused the most concern to serious cloud users.
"These are areas that could help rival vendors, for example those offering private cloud services for an affordable premium over public cloud services, to win over the heaviest users," he said.
"In the medium term, IDC believes public cloud vendors will all have to address these and other governance issues, as they will assist them to retain customers and win over those who are unwilling to place business-critical processes in the cloud."
