According to research, cloud computing is cited as one of four critical technology trends – others include Internet of Things, mobile computing and social media – that are likely to have the most significant impact on business over the next two to three years.
By Kevin Krige, head of data centre and cloud service at BT, Africa
It is becoming increasingly evident that a modern business – irrespective of geography and industry – needs to start viewing the cloud as a reliable, trusted and secure service – one that offers scalability and cost benefits, not to mention creates value by assisting the business in staying relevant to compete in the fast changing, competitive landscape of digital businesses.
Cloud-based infrastructure should therefore be the cornerstone of every businesses transformation strategy – to support rapid adaption of other digital technologies.
But how do you build a cloud strategy that is fit for purpose, for your business?
Choosing a cloud-based infrastructure
Switching legacy systems for cloud collaboration is essential to keeping the workforce productive, operational costs at a minimum and the organisation successful. However, there is no single cloud deployment model that is ideal for all business needs. Most companies are beginning to utilise a range of different public cloud services while simultaneously building private cloud infrastructures.
For example, a private cloud deployment model – whether owned on-premise infrastructure or sourced as a managed service – is often the preferred model for handling sensitive data and applications that are of strategic importance to the company or subject to regulatory conditions.
However, if a private cloud is built in-house then it will require excess standby capacity and capital costs. Such costs can be overcome by sourcing the private cloud as a consumption based managed service. Hence managed or hosted should be the preferred sourcing strategy to ensure the economic benefits of a private cloud are achieved.
On the other hand, public cloud infrastructures are often called upon to handle peaks in demand for computing resources (Infrastructure as a service – IaaS), for testing (Platform as a service – PaaS), and for non-critical/niche services (Software as a service – SaaS).
The primary benefits of public cloud services are the flexibility for rapid up and down scaling of capacity at large volumes, the lack of term commitments and agility afforded through access to growing market places of PaaS and SaaS capabilities.
However, compared to a private cloud model, public cloud services can be more difficult to tailor to the unique needs of the business and offer fewer security, privacy and compliance guarantees.
Therefore, the perfect cloud environment is one that allows easy and secure consumption of internal services and external solutions. Though achieving this equilibrium can be a challenge and especially if a business has a host of cloud services from multiple vendors, all offering variable degrees of support and security.
Manage your security risks
Cloud computing is founded on a virtual environment – therefore the threats that apply to virtualisation also apply in the cloud computing space.
Extending virtualisation to the cloud – with data stored in private and public clouds and on mobile devices – causes a business network perimeter to become more elastic, and therefore new threats to be introduced. Also, as cloud computing expands to cover data stored in private and public clouds, and on numerous roaming mobile devices, new threats are inevitable.
Therefore, it is essential to a successful cloud computing deployment to proactively manage the business security risks. The seven major potential threats we have found to be most common and that all businesses should be aware of include, virtualisation-based attacks, phishing attacks, data movement and remnants, insider threats across the business, or the cloud service provider (CPS), legal and jurisdictional threats, and threats to physical and/or shared infrastructure.
With this in mind, any organisation considering cloud services needs be cognisant that security in the cloud is a shared responsibility, with the CSP securing the underlying infrastructure and the customer responsible for what they deploy on top, namely; customer data, identity and access management, operating system, network and firewall configuration, client and server-side encryption.
The potential benefits and gains from a cloud transition are significant – and it should be viewed as a key enabler for IT delivery in a modern, digital organisation. And, because there are a dizzying number of options available to the decision maker, a considered approach is required to ensure inter-operability and integration with existing services – bridging the old with the new – and that high levels of security are maintained.
It’s important to remember that delivering a great user experience for cloud services means addressing the network too. This requires its own set of skills and insights as well as secure, resilient and agile connectivity to the multiple cloud services businesses consume. Having choice in, and control of, the cloud process is fundamental to the success and to providing the organisation with a modern platform for future growth.