Reinforce Security First to Adopt Cloud-FirstBy CIOAdvisor Apac | Friday, November 30, 2018
Present-day business scenario depicts the cloud as a powerful driver for groundbreaking business initiatives. Organizations are reaping the benefits of delivering products and services directly from a cloud infrastructure without the need for a physical foundation. It would be a Herculean task to find an enterprise that is not infused with cloud computation. This cloud-first strategy makes way for agile business operations, cost reduction, and substantial improvements in productivity. However, the long-term consequences of the cloud are still being discerned as organizations test with diverse private and public cloud models. Significant threats lurk in hybrid cloud-(private and public) and multi-cloud-incorporated environments because they lack homogeneity in their management interfaces, security, and third-party tool support. IT departments are barely able to keep up with the existing threats and are unfamiliar with how a cloud-first strategy influences their roles and functions. Not being able to monitor the ever-expanding security concerns of cloud implementation can potentially lead to data spills, budget overruns, missed deadlines, and more.
Suggested Read: Pitching the Cloud
By Anthony Stevens, CIO, KPMG Australia
Organizations can implement these practices for a secure cloud-first strategy.
1. Automate everything.
Automation is a critical element for optimizing cloud security that helps avert misconfigurations, ensure uniformity, and maintain turnover and organizational shift. Organizations can take advantage of powerful third-party tools and platforms to guide their automation approach.
2. Adopt platforms, tools, and solutions that favor hybrid and multi-cloud environments.
In the transition to the cloud landscape, some of the workloads will ultimately move to the public cloud, so the management of a hybrid environment is imminent. To avoid misconfigurations and minimize complexity, choose management and security solutions that support hybrid cloud situations.
3. Consistently employ access controls for roles and tenants.
Enterprises should acquire an onboarding policy to clone and provision administrative rights based on role and tenant access.
3. Capitalize on dashboards to monitor security issues across cloud instances.
Dashboards allow quick review of security metrics across various VMs, hosts, data centers and cloud instances.
4. Execute regular instances of workload backup and prompt recovery.
When backing up across multiple environments is clearly difficult, it is beneficial to utilize a backup and recovery solution that sustains the organization’s entire cloud environment.
Commissioning cloud service for the sole intent of becoming a digitalized conglomerate is an evolutionary process. The benefits of cloud computing are generally understood at a high level. What is less clear are the potential security, legal, financial, and compliance issues of going cloud-first.
You may like: Navigating the Hybrid Cloud in 2018
By Andy Cocks, Chief Technology Officer, Dimension Data Asia Pacific