It is fair to say that the cloud is not anything new. There are also clearly many well reported business benefits of moving to the cloud such as increased speed, flexibility, collaboration and efficiency amongst many other benefits.
However, uncertainty around moving to the cloud is common for many organisations. In a world where security breaches in large organisations are increasingly reported on in the news, the challenge exists not in the security of the cloud itself, but in policies and technologies for security and control of the technology. Although most organisations are somewhat familiar with the cloud, there are important considerations to take into account when moving to the cloud.
Cloud does not inherently introduce more risk, but the open nature of virtualisation means commonly used applications can be used to bypass existing controls. Mission-critical applications and data have traditionally been kept separate on physical networks, with access controlled by policies underpinned with firewalls and identity and access management. However, the cloud is all about shared resources. We see increasing demands from business users wanting immediate access to cloud applications that may previously, in a physical environment, have taken days to conform to carefully designed policies and testing. The pressure is definitely on IT and information security professionals, aware of current and future threats, to balance expectation and risk.
Cloud computing is here to stay. Many organisations have taken the first steps into the cloud, typically through ad hoc virtualisation projects or SaaS delivery of specific applications. Without adequate planning however, many of these projects will not realise the full return on investment and economies of scale that can come from a strategic, coordinated approach to cloud deployments.
If IT does not take control of cloud initiatives, change will happen anyway – but it will be fragmented. This not only undermines the business benefits, but potentially introduces more risk from a ‘shadow IT’ footprint within the organisation.
Right now, NTT Security is working with organisations across the globe to deliver secure collaborative, convenient, and on-demand network access to a shared pool of computing resources such as servers, storage, applications and services. Whichever cloud model you feel is right for your business – private, hybrid or public – our approach takes you through the steps to create a security architecture that protects, scales and evolves with your changing compliance and business demands.
Please click here to learn more and read our full In View on “Making cloud work for business”.