Why Security Needs to Stick it’s Head in The Cloud

It comes as no surprise that cloud has become one of the most talked-about topics in the industry given the pressure that CIOs and their teams are under to improve ROI and reduce TCO. According to analysts at IDC, public cloud spending is set to grow by an incredible $122.5 billion this year, which is a 25% inflation from 2016. Nine out of ten organisations are now using cloud-hosted apps and services, some likely without even knowing, it as they upload photographs onto their company Twitter page or log sales into Google Docs.

The concept of the cloud was invented in the 1950s in the form of mainframe “time sharing” which saw multiple users sharing mainframes for data access and CPU time. The cloud in its modern form then emerged at around the same time as the internet in the 1990s and was so named by Professor Ramnath Chellappa.  In a paper that he presented in Dallas in 1997, the Professor quite aptly defined cloud computing as a “…computing paradigm where the boundaries of computing will be determined by economic rationale rather than technical limits alone.

[easy-tweet tweet=”60% of businesses claim to save money because of the cloud.” hashtags=”Cloud, Business”]

According to a study conducted by the Cloud Industry Forum, it appears that Chellappa was spot on.  Less reliance on data centre hardware and the advent of cloud-based subscription service programs has resulted in 60% of businesses now claiming to save money because of the cloud. In addition to helping organisations save money by purchasing less, the cloud also helps businesses save money by improving efficiency and accessibility to a vast spectrum of shared resources.

Maybe all these numbers won’t come as much of a surprise to IT Pros. It is fair to say that along with the internet, the cloud has fundamentally changed how we work today.

So, what’s the problem?

Whilst the above statistics seem to portray the cloud as a widely embraced service, there remains some apprehension around what, when and how much data businesses should be migrating to the cloud. One of the biggest concerns is data privacy and security. Namely, some people don’t think the cloud is secure enough to be trusted with their data – and the thought of implementing their own security tools within the cloud is too much to handle. Duncan Brown, an analyst at IDC whose forte is data security, supports this argument by suggesting that there are three “P’s” holding people back from moving wholeheartedly to the cloud: Privacy, Perception (of the reputation of cloud service or cloud security service), and Paranoia.

So, whilst the cloud hugely benefits organisations in terms of efficiency and flexibility, organisations can perceive security as lacking within the cloud, either bolted haphazardly on to strategies as an afterthought or worse, left out altogether. When considering the vast quantities of often incredibly sensitive data that are stored in the cloud, the lack of well-thought-out and integrated security plans is a worrying prospect, particularly with the growing security threat landscape which lives to seek out and exploit organisations’ vulnerabilities.

[easy-tweet tweet=”Why some people aren’t getting the most out of the cloud is the struggle with trust” hashtags=”Cloud, Security “]

Security and ITSM Uniting Within the Cloud

A lingering reason why some people aren’t getting the most out of the cloud is the struggle with trust. However, in practice, we increasingly understand that data entering and leaving the cloud is subject to the same level of scrutiny as any other data entering or leaving the network, and in some cases subject to a higher standard. Critical network security such as firewall, asset management, application control, and AV are employed in combination to provide that level of scrutiny.

An integrated ITSM and security solution is capable of improving operations for IT management and IT security, as well as for business efficiency as a whole. IT Service Management plays a vital role as it often represents an early warning mechanism capable of identifying incidents which can represent a potential threat that could impact a cloud-based service. If working properly as an extended team, the service desk can quickly alert the experts if a risk is identified with a local or a cloud-based service… In many cases an action must be taken, quickly deploying a patch for example, and this sequence is best performed by the service desk, operations and security teams working closely together.  Taking this a step further, the action can be requested through the Service Catalog which then employs automation tools and enforces audit and governance standards thus permitting the organisation to execute both quickly and in the best possible manner.

In a unified and coordinated IT operating model, the service desk would help facilitate a culture of security awareness within the organisation – monitoring user behaviour and quickly identifying risky actions are just two examples of this growing awareness.

Once organisations start better understanding how to best leverage Cloud based systems, and the inherent strength of a layered, unified service management and security service, any lingering fears around cloud usage will fade away and lead the way to further business efficiencies uniquely associated with the many benefits of Cloud.

 

 

+ posts

As a member of the new Ivanti organisation, formed through the merger of LANDESK and HEAT Software. Kevin is responsible for Product Strategy, Client Success and IT Thought Leadership for the global Ivanti business and the unique and growing Ivanti customer base. In addition, Kevin is the author of the new book, The Practical Guide to World-Class IT Service Management.

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

Driving the Future of Connectivity with Data Centres

As an astonishing matter of fact, there are 5.3 billion people...

Willow’s Breakthroughs in Quantum Stability

The Start of a New Era Have you heard the...

Cloud Computing Demands Robust Security Solutions

Modern organisations are increasingly reliant on cloud computing to...

Unlocking the future of manufacturing; AIOps network optimisation

Global manufacturing activity has failed to show signs of...

Why is the hybrid cloud the future of computing?

Have you ever wondered how companies can benefit from...