Security Considerations in the Cloud

Security Considerations in the Cloud

When cloud first entered the market, there wasn’t a huge focus or consideration on data security. Now that cloud adoption is becoming more common and with several well-publicised security incidents, it has sparked fear and concerns around data security in the cloud. Governments and legislators are also becoming more aware of these security risks and are implementing new legislations to protect data privacy and confidentiality.

But it isn’t as worrying as it sounds. Due to its maturity, security in the cloud is now more robust than most on-premise security solutions. However, the inherent security features of the cloud that are now available are not yet being widely adopted. This is due to legacy applications and solution designs. The fact that these features are so new also means architects, planners and designers are not fully across how to implement these security features as part of their broader cloud solutions design.

How Cloud is More Secure

All major security vendors now have a cloud centric security platform. Two-factor and biometric based authentication is now a standard feature for most cloud platforms in the market and can be easily integrated into existing applications and platforms. This gives you an indication of the strength and availability of options for security in the cloud today and how easily they can be integrated into an existing system.

Data encryption is also a standard tick box in almost every cloud platform available in the market today. It is baked into the cloud platform itself rather than being an add-on feature of a security vendor solution.

All of these are native security features of cloud platforms, and this is before you even start to consider security vendor solutions that will go on to provide further protection.

Compliance (industry and government) is now also part of most public cloud platforms (see Microsoft Azure and Amazon Web Services’ compliance pages). Even the private cloud hosting providers (such as Next DC) have compliance certifications (such as ISO 27001).

What this means is the security features and options available to businesses in the cloud today are actually better than if you had your infrastructure on premise. It is a matter of ensuring that your solutions are architected, designed and developed properly at the beginning.

What to Do Next

If your organisation did not give security the right amount of attention when migrating to the cloud, or if you were an early cloud adopter and these security features were not available at the time of your migration, all is not lost. Security features can be introduced into your existing solution through a phased or agile management approach.

In addition to all of this, cloud technologies give you the flexibility to rapidly adopt new security technologies and best practise as they become available. Cloud reduces your lead times and delivery delays in adoption of new security technology innovations.

How Somerville Can Help

Working with a service provider with a strong security practise will help make this process easier. They will ensure you are taking full advantage of not only native security options but also frameworks, guidelines and best practise around security for your organisation. In addition to this, they can provide real time monitoring of cloud services so you have a clear picture of your IT environment’s health and status. This means if a security incident does occur, you are able to quickly respond to risks and stakeholders and lower your risk profile.

Security and data privacy awareness is increasing exponentially and has fast become a priority across management layers in most industry verticals. It is important to not only protect your data and applications today but also be aware of the security technologies and considerations that are coming and legislative changes that you need to be prepared for. Your Manager Service Partner will be worth their weight in gold when it comes to keeping you up to date on Security best practise.

If you need assistance with your businesses security in the cloud or would like to find out how mature your security strategy is, reach out to the Somerville team.

Should You Make the Journey to the Cloud?

It’s a question many businesses are asking: should you be moving all of your IT workloads to the cloud?

 

Cloud means different things to different businesses, representing different opportunities and investment levels depending on the type of business and application suite you run. It is not a one-size-fits-all and it is not a foregone conclusion that every workload is better in the cloud. The decisions in this journey are about the workload and the right location for that workload.

The reality is that the cloud will definitely play a role in every organisation’s delivery of IT. There will always be applications and services that are cloud native and as a result it does not make sense to consume them in any other way.

Cloud also offers flexible cost models which allows businesses to decide whether they CAPEX or OPEX their technology or do a mix of the two (hybrid cost model). This provides the ability to select a financial model for technology consumption that best suits the business.

 

The world is a changing place with the growth in IoT technologies and we are starting to create larger volumes of valuable data at the point of creation (be it on premise or in the cloud or in a remote location). In architecting your IT workloads you have to consider these challenges and sometimes cloud is not the right answer.

In its place, Cloud technology brings huge value. You are leveraging off massive investments in infrastructure and technology cost effectively when using a cloud based infrastructure. We live in an increasingly connected environment and cloud technologies ease that ability to connect and as such there are many compelling reasons as to why moving to the cloud makes sense. It is, however, application based.

There is also convenience of operating in the cloud. You may find some of your key application providers operating out of the same data centre, at which point interconnection becomes a possibility and performance, availability and resilience of that application all becomes infinitely easier. Features like High Availability, Resilience and performance are an example of some of the opportunities to simply deliver all of these key requirements with cloud technologies.

Once you embark on your cloud journey you may find you have workloads in a mix of locations (on premise, in remote locations and potentially in multiple clouds). All of the data generated through these workloads needs to be secured and made accessible to the business. The cloud in this scenario is an integral part of a wider connectivity platform.

 

A good example of how cloud can help is an organisation like a law firm, with 20 different locations and with each location creating significant amounts of data, that all needs to be centralised, secured, resilient and available at all times. A business like this highly suited to a hybrid cloud infrastructure.

So, to answer the question of whether should you make the journey to the cloud …it has to be said that it depends! The things you need to consider in making this decision include:

  • Applications and workload
    What are your critical applications and is the cloud right for them?
  • Your need for high availability and resilience
    Do you have the right level of availability for your workloads and can you operate without them?
  • Performance requirements
  • Data access requirement
    How do you need to access the data created from a workload?
  • The best fit financial model for technology consumption for your business

 

These are just a few of the important considerations that must be involved in the process of decision making on a cloud journey.

At Somerville, our consulting teams help our customer take the journey to the cloud. We start by designing the right solution for our customers’ needs, and then deploy the solution in their environment. We bring the many facets of a hybrid IT environment into a manageable and cost effective platform to deliver on a customer’s required outcomes.

Click here to take the first steps in your journey to the cloud.

Preparing to Succeed In an Uncertain Future

When it comes to business, planning is everything. No matter how great your idea, how skilled your people, and how ripe your market, rushing in without consideration is unwise. Digital technology is throwing a spanner in the wheel of traditional business practice, though. The speed of change and magnitude of market disruption have left many organisations on the back foot, frantically adjusting plans that are outdated as soon as they’re written. So how do you prepare for something you can’t see coming?

Continue reading

Cloud: The Future Is Clear

Cloud – the future is clear

Cloud computing has already irreversibly changed IT, but its real impact is still to come. Those that are still thinking that it is just another IT fad had better think again or be left behind.  The underlying benefits and economics of cloud computing are driving its adoption and these are only accelerating as it continues to improve and evolve.

While only five years ago vendors were still trying to explain the concept of Cloud to corporates, today nearly every enterprise has cloud, with hybrid cloud the preferred strategy for 85% of enterprises (download the RightScale 2017 State of the Cloud Report). What might surprise the enterprise employees is that on average they are running applications in 1.8 public clouds and 2.3 private clouds.

Not only is usage increasing but the challenges are also dissipating with concerns about security, and lack of resources/expertise falling significantly leaving managing costs as the primary concern, although that has fallen as well, just not as fast.  One of the ways to manage costs is to get the right balance between private and public cloud, which is why hybrid cloud continues to grow.

Given the significant cost advantages Cloud computing has over traditional IT, the increasing efficiency gains being generated from Hybrid Cloud are widening the cost/productivity gap between organisations that have moved to cloud and those that have not.  In some industries, this can be the difference between the organisation being competitive or obsolete.

Some IT commentators have likened the importance of Cloud to corporate computing to being on par with the introduction of the smart phone to mobile telephony.  Similarly thinking of Cloud computing as being a server at a different location is like thinking of a smart phone as a mobile phone with a touch screen – it is simultaneous true while completely missing the significance of the change.

The benefits of Cloud computing are not just that it is more efficient and easier to manage, it also fundamentally changes an organisations IT capability and options.  Like the internet itself, Cloud is specifically designed to maximise redundancy, at the same time it is also designed to maximise performance and efficiency.  This is a three-way combination that needed to be weighed off against each other in traditional IT.

Cloud also enables the organisation to choose the best application for its requirements, rather than the best application that can run on the organisations IT environment. In a rapidly changing world this freedom to choose could be the difference between thriving and surviving.

Not surprisingly Cloud computing has evolved, so have the options.  When incorporating cloud computing into your existing infrastructure you can choose or combine a range of options such as: Network Access, Unified Threat Management, Infrastructure as a Service, Platform as a Service, Business Continuity Protection, Managed Services.

Somerville has been helping a wide range of clients with their Cloud strategies, from taking their first steps all the way through to fully customised hybrid Cloud implementations.  We pride ourselves on delivering the right solution to meet your organisations needs and budget. Please contact us via the enquiry form so we can discuss your organisations needs and create a solution that fits your organisations requirements, now and in the future.


About the Author

Craig Somerville is the founder and CEO of Somerville IT with over 35 years’ experience in the IT industry, Craig has spearheaded the growth of one of Australia’s leading providers of IT solutions to schools and corporates.