Cloud Hosting

What you need to know to secure your business cloud Many organisations are not taking sufficient security precautions once they start migrating to the cloud, and it can cost them dearly, by Evans Kangethe, Senior Solutions Architecture at Dimension Data East Africa.

In 2021, McKinsey found that cloud adoption by US Fortune 500 organisations could generate about USD 1 trillion in value by 2030. Late in 2022, they extended this forecast to Forbes Global 2000 organisations, which bumped up the figure to USD 3 trillion by 2030.

The cloud is clearly becoming the engine of enterprise operations. Yet, despite this growing dependence on the cloud, one important topic is often overlooked: security.

Some organisations have a limited understanding of cloud hosting and dont know how to secure their cloud workloads, while others believe that security is solely the duty of the cloud service provider. Either way, the absence of proactive security measures leaves them vulnerable to potentially serious breaches.

In the financial services industry, for example, a breach could affect business continuity and disrupt services such as mobile money, internet banking and e-commerce platforms damaging brand perception and loyalty, and ultimately leading to customer attrition.

Organisations that want to migrate services to the cloud need a specific cloud strategy to support these goals and their overarching business objectives yet many dont. Their adoption of cloud computing is instead driven by less well-considered reasons: We should move operations to the cloud because our peers or competitors are doing it, so it must be a good thing. Or, even worse: We allocated funds to this in our budget that must now be spent.

Security should be a key element of any cloud strategy. For reasons of accountability and liability, cloud service providers adopt a model of shared responsibility with their clients, depending on the type of cloud computing service theyre providing infrastructure as a service, platform as a service or software as a service. So, the cloud strategy must set out the client organisations security obligations within a secure-by-design architecture that proactively mitigates risk.

The threats associated with cloud computing include:

Another risk area is legal and regulatory compliance. Under the European Unions General Data Protection Regulation (GDPR), for example, even less severe infringements can lead to a fine of EUR 10 million or 2% of a firms annual revenue, whichever is higher, or up to EUR 20 million or 4% of a firms annual revenue for more serious violations. In our globalised society, most countries have now put in place legislation on data protection and privacy.

Assurance the process of ensuring that customers receive the services they have paid for smoothly and effectively is also a vital area, as it limits interruptions to company operations. This means services must be accessible when they are needed, and data that is saved or processed in the cloud should not be intercepted or changed without accountability. Most importantly, only employees with the appropriate access rights should be able to access the data.

Therefore, organisations cloud strategy and security policies must address these issues.

Who looks after what in cloud services?

The shared responsibility for security in cloud-based ecosystems is typically divided as follows:

Organisations can address cloud security issues in several ways, but it can become a pricey exercise both financially and in terms of potential security breaches.

Automation can help to maintain consistent security levels across rapidly changing on-premises and cloud-based environments, while allowing organisations to meet their goals for time savings, agility, scalability and cost-effectiveness.

In this way, they can automatically monitor cloud-based applications and infrastructure on major platforms (including Google, Microsoft, AWS, SAP, Oracle Cloud Infrastructure and Verizon), continually improve their security posture and maintain their compliance with data and security regulations.

The cloud delivers many advantages to organisations, but it also comes with unique security challenges. Cloud-based infrastructure is very different from on-premises data centres, and traditional security tools and strategies do not apply.

Thats why, at Dimension Data, we have tailored a range of managed cloud infrastructure services including Managed Public Cloud, Managed Private Cloud and Managed Infrastructure Services that cover all your organisations cloud needs, end to end. We have more than two decades of experience and accredited expertise in a variety of cloud environments and well find the cloud solution thats best for your organisation.

Read the original:
What you need to know to secure your business cloud - ITWeb