Cloud computing vendors such as Amazon and Google aren't prepared to meet the needs of corporate IT particularly when it comes to security.

That was the view from the panel - and the audience - at Computerworld's Premier 100 IT Leaders Conference in Orlando.

Security remains the biggest concern but the IT executives also cited reliability and availability as hurdles that cloud vendors would need to overcome before they can truly win over IT departments.

"It's just an immature market," said Daniel Wakeman CIO of edudation testing company ETS. Wakeman noted that he'd be interested in using cloud computing services that could enable ETS, which has a highly cyclical business and an average server utilisation rate of just 8 percent, to modulate its processing capacity as needed.

Wakeman has gone so far as to benchmark internal servers against's Elastic Compute Cloud (EC2) service. But even though the costs were similar and EC2 could be an answer to Wakeman's server utilisation issues, he's currently limiting his use of cloud services to pilot projects and development testing - "things that don't require full levels of security."

Manjit Singh, CIO at Chiquita Brands International, said that cloud vendors have to do "a lot more work" on security, reliability and manageability to be able to serve global enterprises such as Cincinnati-based Chiquita. "I probably wouldn't put anything mission-critical in the cloud now," Singh said, although he added that he hopes to be able to do so in the future.

Singh said he also is concerned that cloud vendors will eventually come up with new ways to charge customers "that are worse than [software] maintenance fees." And he worries that if he were to change cloud vendors in the future, his data might not come back to him in a recognisable form.

The US Defense Information Systems Agency, which provides most of the systems used within the Department of Defense, is deploying an internal cloud computing service called the Rapid Access Computing Environment. The RACE technology is "embryonic" now, said DISA CIO John Garing, who added that he also hopes to be able to rely on external providers in the future.

"If I were king for a day, I'd rather turn to a Google, Amazon or somebody else and say, 'Do this for us,'" Garing said. "We're starting on our own, but I hope that some day there will be a hybrid model where I can use outside services without having [people] say, 'Oh my gosh, we're on the Internet.'"

But if things continue as they are now at cloud vendors, "we're going to be at an impasse," he cautioned. "If they're going to be more than just a CRM vendor, say, they're going to have to do more than just provision a web service and run it."

Despite the current shortcomings, both Wakeman and Singh said IT departments should embrace cloud computing as a concept, because business users are sure to push for its adoption.

Wakeman said ETS followed a similar path on open-source technology with its software developers; now all of the company's applications are built on the LAMP stack. With cloud computing as well, IT "should get out in front of it by setting policies and getting involved," he said. "Because it's going to happen."