Skip to main content

Is the cloud secure

Page contents

Cloud Centre of Excellence - NHS Cloud strategy

Let us know what you think about the Cloud Centre of Excellence (CCOE) strategy.  

Is the cloud secure

For many organisations, the security of public clouds is their primary concern when assessing and planning their cloud journey. It is natural that people question whether their data and services will be adequately protected when adopting new services, delivery methods and ways of working. This is particularly relevant in the case of public cloud services, as their use affects all of these things.

We consider public services delivered using the public cloud platforms of major cloud service providers to be at least as secure as those delivered from most internal datacentres. In reality, the current range of security controls available through public cloud platforms exceeds most organisation's on-premises capabilities.

What's more, with cloud adoption set to accelerate for the foreseeable future, the demand for cloud security offerings will drive a constant increase in their maturity and capabilities.

Why the cloud is secure

In many cases, the cloud is more secure than on-premise data centres because cloud providers have made and continue to make significant investments within their service offering to ensure data protection. Many cloud services for business have security features built in, including application role-based authentication. There cloud security provisions are based of 3 main factors

World-leading security
World-leading security

The hyper-scale cloud service providers invest vast amounts of time and money in securing their cloud platforms. Their specialist security teams of global security expertise that are out of reach for most organisations.

Accreditation
Accreditation

Cloud providers understand their customer's concerns, and are independently audited and accredited to the highest standards.

Tooling
Tooling

Cloud providers understand this is a complex area and provide customers the tooling required to identify security risks and offer best practice suggestions.

It is important to remember that you must always be responsible with data and that your services should be secure by design. Cloud services provide world-class security and alleviate the burden of implementing and operating effective security controls, but using the cloud never removes your responsibility to protect data and services.

Further information

internal How does the cloud change things

It’s important to acknowledge that the cloud changes more than how we host workloads, it fundamentally changes: how we purchase and pay for services; how we design, build and operate services; the skills required to design, build and operate services; and our responsibilities when operating services.

internal The characteristics of public clouds

This primer provides an overview of public clouds and focuses on specific areas of importance for public NHS and healthcare organisations.

Last edited: 20 January 2025 11:41 am