– Stan Roach, Chief Customer Officer at Agiliron, says:
The next battle for market share is not online—it’s in the cloud. With the major cloud players and startups competing neck-and-neck to outbid each other and introduce better technology to make cloud computing even more attractive, businesses have never had it so good.
As CRN magazine reports, 2014 will see businesses spending upward of $ 100 billion in cloud computing services. Move to cloud?
Growing cloud adoption
RightScale surveyed over a thousand technology professionals in February 2014 to compile their annual State of the Cloud survey. Their findings were pretty interesting. The RightScale 2014 State of the Cloud Report found that, “94 percent of organizations surveyed are running applications or experimenting with infrastructure-as-a-service.”
While penetration of cloud computing is impressive, there is very little that organizations are doing in terms of governance and security of their cloud infrastructure.
By governance, I refer to clear directions on what the organization expects from their investment in cloud computing, how they will manage their cloud security, disaster recovery policies for data stored in the cloud and so on.
“Only about a third of organizations have defined such critical aspects of governance as which clouds can be used; disaster recovery approaches; and cost management.”
Benefits of the cloud
One of the prime reasons for the widespread adoption of cloud services for storage, bandwidth, computing, networking and other uses; is the fact that it is so convenient.
There are many other benefits that make the cloud so attractive to businesses.
1. Cost effective
Software licenses, training, bandwidth, storage and information infrastructure typically accounted for a large proportion of businesses. The initial cost of acquisition was compounded further by the cost of upgrades and maintenance of the infrastructure. There was also the risk of software or hardware obsolescence that had to be dealt with. All of these problems suddenly become non-issues with cloud based IT services. Most cloud systems are pay-as-you-go and do not require large capital outlays at the outset, in anticipation of future needs.
Cloud computing and storage services have the unique benefit of being almost endlessly expandable, depending on the organization’s data, storage or computing needs. No additional servers need to be bought, installed and maintained—everything just expands in the cloud and can be made as large or small as required.
3. Easy, automated updates
Gone are the days when businesses used to shell out large sums to upgrade from one version of software to another. These days, any updates or changes in cloud based software are taken care of by cloud service providers, saving both time and money for the end user in the process.
4. Easily accessible
The ability to access key software anytime, anywhere has offered businesses the sort of flexibility that never existed before. With flexi-hours at work, remote employees, rising popularity of BYOD policies and global organizations spread across multiple locations, cloud services offer the perfect solution to accessing the same service at a minimal cost. Collaboration becomes easier and productivity increases. According to a study by Frost and Sullivan, companies that invested in collaborative technologies saw a 400% growth in their ROI.
5. Quicker time to market, higher competitiveness
One of the biggest things going for IaaS or SaaS in the cloud computing world is the quick time to market for most of these applications. No more waiting for days for setup and installation, no wasted time on customizing the software to your needs or transferring data from one system to another and no more training delays, with the arrival of ready to use, plug and play cloud computing systems.
The fact that even small businesses can now access enterprise level software at a fraction of what it would have cost them just a few years ago, levels the playing field making smaller firms as competitive as large brand names.
From RigthScale’s study we find that easy scalability, quicker access to infrastructure across different locations and devices and easy availability of cloud services were the top three benefits that technology professionals value. As we can see in the graph below, the availability and cost savings from cloud services have grown at a much quicker pace in 2014 as compared to 2013.
Risks with cloud
As anyone who has ever used the internet over the last two decades knows, there is no such thing as 100% data security. When you move a large part of your data into the cloud, you automatically expose it to the perils of the internet; albeit in a slightly modified way.
So what does a business need to be wary of in 2014?
Security is the No. 1 concern for all businesses that operate in the cloud. Cloud security takes on new importance this year, with large scale hacks like the Heartbleed bug, corporate data breaches and more. Another security concern is managing the integrity of less advanced legacy systems that work with the cloud services and are more vulnerable to outside attacks.
Data that gets stored on the cloud is often subject to regulations laid down by national and international bodies like the PCI regulations or EU regulations. There are also internal policies regarding what data can be kept offshore and what needs to be strictly internal. This gets even more complicated when your business deals with data for other organizations with their own compliance regulations. For organizations that have to deal with multiple geographies, large and varied data sets and computing requirements, diverse legalities governing the data and its usage, ensuring compliance across all its cloud services can be a real challenge.
- Managing different cloud services simultaneously
Today there are millions of cloud based apps, services and platforms available that make life easier for a business. The barriers to entry for most of these are extremely low, with many cases of business teams implementing ad-hoc cloud services for their business function independent of the IT department. When organizations have multiple cloud services that they subscribe to, with their data spread out among each of these service providers, managing such multiple cloud services and ensuring data sanctity between each of these services becomes a growing problem.
- Outages at service providers’ end
Lastly, there can be issues with the cloud service provider’s network, the servers or even security threats due to negligence by the service provider. This is something that goes beyond the control of end user organizations and is a threat that is real and growing as more and more cloud services crop up each day with nebulous security measures to protect their users’ data and information architecture.
Implementing Effective Cloud Security
Until recently, a large part of cloud security lay in minimizing the transfer of data into the cloud, using the cloud only for essential activities to prevent data leakages and security breaches. This onus usually rested with the organization that bought cloud services with very little being done by the service providers themselves in terms of cloud security, except creating SLAs with the client and offering bare bones security options to clients in return.
In closing, businesses that use cloud services in their day to day functioning will do well to implement these 5 security tips from Kevin O’Brien of Cloud Lock:
- Content and context aware policies that can automatically differentiate sensitive and non-sensitive data (e.g., PCI, PII, or IP containing files)
- Automated end-user alerts and educational emails that help data owners directly respond to and fix potential exposures
- Selective use of strong encryption to provide defense-in-depth and additional security over highly sensitive information
- Application whitelisting/blacklisting, allowing for domain control over third party applications
- Comprehensive coverage of information exposure in all core Google channels (Drive, Sites, Google+, and via third party apps)