Monica Brink, EMEA marketing director at iland looks at cloud security and advises how you can save your business vital downtime if the worst occurs.
With new regulations such at the GDPR coming into effect, cloud security is very much at the forefront of many businesses’ minds. At the same time, cloud adoption is actually speeding up both in the UK and across Europe, and regulated industries such as the finance sector are seeing the benefits – cloud adoption in regulated industries has nearly tripled, up from 15 per cent in 2014 to 39 per cent today.
The conversation is now moving away from focusing on cloud adoption challenges, which are often centred on security and compliance, towards practical ways to address such challenges.
Some of these practical ways of addressing cloud security include data encryption, two-factor authentication and hybrid cloud (offering private and public cloud options for different workloads), and many companies are taking these steps to ensure that their processes are best protected against any malicious attacks.
Of course, these cloud security features only touch the surface of the range of security and compliance risks that need to be addressed, managed and monitored for secure enterprise cloud computing. Other security management aspects such as data sovereignty, blocking of viruses and malware, web reputation monitoring, firewall management, intrusion detection and much more also need to be considered in the mix. However, the reality is that most IT teams simply don’t have the budgets, labour or skills to manage the myriad of different cloud security requirements.
IT teams don’t have time to source best-of-breed security vendors to address all of the above security risks and then manage these vendors, collating different reports on each security feature to provide to auditors and regulators. Finding a provider that offers these built-in security features to protect applications and data means that the company themselves are able to manage security and compliance easily, and report on it directly, taking the control back into their own hands. At iland, we identified these challenges some time ago and developed an advanced security version of our enterprise cloud services which helps customers achieve the levels of security and compliance they need without burdening them with a huge cloud security management task.
That said, one of the most important aspects of managing cloud security for UK businesses is the relationship between the customer and their cloud provider. It is vital to discuss and consider up front who will be responsible for what in terms of protecting data security in the cloud. A mutual understanding of security and compliance challenges and clear delineation of who manages what with regards to cloud security is another practical step towards overcoming UK cloud adoption challenges.
The reality is that achieving security and compliance in cloud computing goes way beyond security features for a lot of businesses and needs to include showing compliance to professional industry standards and regulations. Making sure that provider and customer are on the same page, understanding the regulatory environment they operate in and their resulting compliance requirements, is paramount to a mutually beneficial relationship. Additionally, having an open and transparent dialogue with customers around compliance is a practice that cloud providers need to offer – in order to help to build trust, and ensure the required levels of IT security and compliance are maintained.
Cloud adoption is only set to grow – as are continued and ever present security and compliance issues. Cloud providers that can provide the transparency, security and compliance, services, processes, trust and support will be the ones that more and more businesses turn to.
Monica Brink is the EMEA marketing director at iland