A new Forrester Research report suggests fears about the NSA, cloud security and privacy will boost on-premises software spending. Sorry but that's flawed logic. Here's why.

By now, you've heard the Fear, Uncertainty and Doubt (FUD): The U.S. National Security Agency has infiltrated cloud services providers (CSPs) in its quest to find terrorists before they strike. That may be true. But somehow the cloud spying issue is perpetuating a myth that on-premises IT is safer than cloud IT. After all, Dell, Cisco Systems and other hardware providers are now worried that the NSA is using back-doors into networking equipment for more spying activity.

The Risks Are Everywhere

Read between the lines, folks: The NSA's spying activities happen both (A) in the cloud and (B) on premises. While some CIOs may be worried about cloud privacy and security, consider this question...

Who is in better position to safeguard and protect IT assets, applications and data:

  1. Individual IT managers at independent companies that struggle to keep basic server operations going?
  2. Massive cloud services providers that hire the best security consultants and spend millions -- perhaps billions -- protecting their infrastructure and customer data?

Generally speaking, I'll vote my IT spending dollars on group 2.

Cloud Spending Still Rising. Fast

Still, Forrester Research says CIOs in Europe are concerned about the NSA and re-thinking whether to put data in the cloud. That may be true but consider these Forrester findings:

  • Forrester believes the stable on-premise software market could grow 5% to 6% in 2014.
  • Forrester still expects spending on cloud technology to grow by 20% or more in 2014.

One other thought for CIOs that want to keep IT and applications on-premises. What's easier: Rolling out an on-premises CRM system, or simply activating a CRM application in the cloud?

Yes, NSA will certainly impact the cloud market a bit. But don't let the scary headlines fool you. CIOs don't want to be in the on-premises security business. If there is a data breach, surely most CIOs would rather blame their CSP rather than an on-premises glitch.