More and more data and applications moving to the cloud, which means that those applications and data are accessed by individual endpoints rather than being saved centrally or protected by the existing company IT security infrastructure. For CIOs, coping with this shift in how IT services are delivered means that they have to think about their security and DR planning.
Security and DR are going to see some challenges in 2016, we spoke to another two Cloud Experts about their thoughts on the future. Here are the predictions from Jaspreet Singh, CEO at Druva and Wolfgang Kandek, CTO at Qualys.
[easy-tweet tweet=”Read @Comparethecloud’s next two #CloudExpert 2016 predictions from @wkandek and @jaspreetis” via=”no” usehashtags=”no”]
Wolfgang Kandek, CTO at Qualys:
Many IT security vendors are predicting that there will be a huge upswing in attacks on mobile devices. Personally, I do not see mobile phones being the next big security target of 2016. iOS and Android are immensely better than traditional computing endpoints when it comes to commercial malware; the incidents of malware getting onto phones mainly came when there were failures in the process around development of the applications that people use in the case of XcodeGhost, or people downloading fake applications from crack sites. In PC security terms, this is going back around 15 or 20 years in terms of approach.
However, other mobile devices – particularly laptops that don’t often get back on to the corporate network – will be targeted. Devices used by mobile workers that have to access Internet-based services from untrusted locations will be a risk if traditional security approaches only are used. Instead, it is important to think about how these endpoints can be kept secure when they are never within the corporate network and can’t rely on those large firewall implementations or network security solutions to be kept secure.
As more applications and IT infrastructure move into the Cloud, the amount of It on the corporate network will be reduced. This will make endpoint security more important. Taking a “secure by design” approach to how those services are accessed, including multi-factor authentication for access control and continuous scanning for vulnerability management, will therefore become more important in 2016 as well.
I think we will continue to see PCs and laptops being the primary targets, as these offer attackers the greatest return on investment.
Making use of Cloud security alongside Cloud applications will be a natural next step as more IT services move into the Cloud.
[easy-tweet tweet=”iOS and Android are immensely better than traditional #computing endpoints when it comes to commercial malware”]
Jaspreet Singh, CEO at Druva:
Today, more company data is being held on mobile devices rather than on central storage. IT teams are therefore relying on individuals taking best practice approaches to saving data. This is not ideal.
Cloud DR can help IT plan more effectively, whether that data is held centrally or is found on individual devices like laptops and mobile phones. Gartner recently predicted that people would continue to have multiple personal devices; by 2018, employees will have three to four personal devices that can be used alongside enterprise-provided IT devices. As people use these additional phones, tables, PCs and devices it will spur the commoditisation of enterprise storage, leading to price reductions.
In this “mobile-first” world, devices will be where you merge various services and SLAs into a single system that works seamlessly for end-users. Abstracting the data away from the device can actually help here too – rather than tying users to specific devices with isolated storage of data on each one, the business can manage all data assets wherever they happen to be.
The consumerisation of cloud storage will see businesses focusing less on managing the infrastructure to contain and hold data; instead, business IT will concentrate more on building out services that bring value by using the volumes of available stored data.
[easy-tweet tweet=”By 2018, employees will have 3-4 personal devices that can be used alongside enterprise-provided #IT devices” via=”no” usehashtags=”no”]