Edge Insights

Cloud And Security: Making The Two Ends Meet

The journey to the cloud for many organizations is really about sometimes selecting workloads that they want to put out there. Some of these workloads go on to public cloud platforms, some of them stay in private cloud architectures and their own data center. Some go to managed service providers. So there are all kinds of configurations that happen. And as the journey to the cloud evolves, there is a natural complexity that comes into play, and the remit of the IT organization, and along with it, the associated security architecture becomes more and more sophisticated and complex in some ways. 

Just because you’ve tapped into the vast resources of a cloud service provider to replace previously on-premises IT assets doesn’t lessen your management or cybersecurity burden. Cloud migration creates new issues for network admins to focus on: migrations are inherently risky from a cyber perspective – data on the move is data that can be exploited in transit.

Cloud providers are prone to proclaiming that their security is better than any single business can achieve, simply because they have more resources to apply to the issue. By now, we all know that simply throwing money at the challenge is no guarantee of success.

To discuss all of these and how security and cloud come together TechCircle organised a panel discussion in their recently concluded digital conclave Future of Trust As A Service powered by Sophos where industry experts and torchbearers to deliberate on the future of cybersecurity, its implementation, challenges, and solutions, thus carving a roadmap for the future. The panel discussion on Cloud And Security: Making The Two Ends Meet comprised of industry veterans like Ravindra Bhaviskar, Director - Sales Engineering (India & SAARC), Sophos, Jaiprakash Choudhary, Director of Engineering, Rivigo, Vijay Radhakrishnan, CISO, Mahindra & Mahindra Financial Services. The discussion was moderated by Jaideep Mehta, CEO, Mosaic Digital, an HT Media Group Company. 

"When it comes to cloud adoption, you must understand about five years ago, there were a lot of questions that were asked about whether we should go towards the cloud. While we are all accustomed to the technology on prim, we know how to control security, but when it comes to adoption of security in the cloud, and that to the multi-cloud, multi-tenant kind of mechanism, then people are very confused about how exactly to put in the right set of controls. We need to ensure that we have the preconceived mechanism so that everything happens fast and secure. While the cloud is highly scalable, the most important thing is the time it needs to be available. It is connected particularly to the customers, the distributors, dealers, everybody for that matter. And it's something that needs to be performed like a playbook", said Vijay Radhakrishnan. In the process of deciding cloud adoption, Ravindra Bhaviskar added. "as an organization before adopting cloud, you should consider the business goal, its best practices, and the cloud standard for your current and the future use as well, whether you should go for public, private, hybrid, or even a multi-cloud environment. So that is something which you need to decide and before that the most important factor is security."

The world is experiencing digital transformation like never before, and the Cloud has proven to be a cornerstone of this transformation. Every day new applications are being migrated to cloud-based services. The Cloud, a central tenet of an organization’s IT modernization strategy, provides the enterprise with scale, flexibility, and adaptability, enabling innovation. Jaideep Mehta quoted, "the first wave of cloud adoption, for example, was about moving from CAPEX to OPEX. But now increasingly, organizations are using the cloud for innovation-based workloads. So you know, data as a service or analytics workloads are going straight on to the cloud." Jaiprakash Choudhary added, "we started on the cloud because it was very easy to build and test products. The cloud gives us the required flexibility and over the years it has innovated a lot to provide us with the capability and the capacity to test and build products that are low cost and high efficiency." 

In the current digital era, monitoring, managing and securing the hybrid cloud is conceivably the most pervasive issue that enterprises are facing. 24/7 cloud monitoring enables enterprises to identify patterns and discover hidden security risks. A strong cloud monitoring solution will have the ability to: monitor large volumes of data across locations in real-time, oversee application and user behavior to proactively identify potential threats, perform auditing and reporting to ensure security compliance, etc. Considering the complexity of change management and the fear of security breaches has been one of the top barriers to enterprise cloud migration. As executives aim at making a secure transition to the cloud, they should devise a carefully planned step-by-step approach with the right business strategy covering the complete cloud security lifecycle.

For more details on this discussion and insights on the security landscape, visit futureoftrust.techcircle.in