By Nathan Steiner, Senior Director, Systems Engineering, Veeam Software
As businesses in the digital economy are increasingly aware of their reliance on digital infrastructure, the idea of migrating applications and data to the cloud becomes a must-do rather than a nice-to-have.
However, challenges arose when businesses across Asia Pacific shifted to cloud-based services to facilitate new remote work models prompted by the pandemic. In Australia, Telsyte found that nearly half (45 percent) of organisations looked to increase cloud infrastructure spending in 2020, and 46 percent now have ‘cloud-first’ policies when it comes to making new investments.
While we’ve still got a long way to go until Covid-19 is no longer a consideration, the good news is that cloud-based systems are helping businesses navigate these unchartered waters a little better. After all, who wouldn’t want less admin and the agility needed to respond to what’s become such a volatile environment? In fact, one could argue the pandemic actually validated the cloud’s value proposition i.e. digital transformation has become a prerequisite for survival in the current and future landscape.
Digital transformation has also become a case of risk reduction and evergreen opportunity to unlock future business capabilities. With this comes growth in importance and size and most importantly, complexity in security measures.
As adoption and usage grows and cloud technologies are increasingly top of mind, businesses must ensure they’re putting the right security measures in place. This starts with the understanding that cloud security means supporting your cloud environment your way. It’s not a one size fits all approach.
So how can businesses make sure their cloud security strategy is optimised for the now, in a way that doesn’t hinder the maturity of their cloud environments in the future?
Assess the risks and plan accordingly
Using cloud-based systems isn’t just about the transfer of data. A key reason moving data to the cloud fails, becomes vulnerable or worse becomes subject to an attack or loss is poor planning and implementation.
Successful cloud implementation requires careful and deliberate planning in order to secure the environment. This should first involve considering and understanding all of the risks, vulnerabilities and potential threats that exist. Secondly, an understanding of what countermeasures need to be taken in order to ensure secure restore or recovery of backups and replication, such as ensuring your network is secure or access to key infrastructure is restricted.
Planning ahead and continuous risk assessment will not only help your business keep a step ahead in its cloud security strategy, but also avoid major compliance issues and potentially serious legal and financial repercussions.
Know what’s in your contract
Not many will know that service level agreements (SLAs) and cloud service contracts only guarantee service and recourse should an incident happen. Therefore, it’s important to check data ownership and know what would happen to it should you terminate services. More often than not, there are lot of grey areas in the terms and conditions that are simply overlooked, which could be the dealbreaker in the event of a breach.
Educate your employees
Proactively train your staff on how to use and navigate the cloud-based services you implement into the business. Security threats can come from anywhere and if employees aren’t properly trained on the cloud environment, they can be a major internal risk. Different departments will need various levels of training i.e. your IT team will need more specialist guidance compared to other staff, and require ongoing refresher sessions to keep their knowledge up to date.
Cloud computing has certainly been one of the enterprise IT space’s shining stars during Covid-19. While there isn’t a standout No. 1 concern when it comes to cloud computing, the one thing that is for sure about is that security is front and center for chief technology/information/digital officers.
Cloud growth will continue to accelerate and businesses must prepare to see their cloud environments mature as they upscale their digital footprints, but they can only look to the future if they’re getting their current cloud environments right. This means doing the best job possible in designing, implementing and enforcing cloud security measures.
