CLOUD COMPUTING
CLOUD COMPUTING AND INFORMATION SECURITY
The financial business case to adopt cloud computing is indisputable. It makes sense to buy computing infrastructure as opex instead of capex, to not have to employ staff to manage IT hardware, and to have the ability to scale up and down as needed without capex and human resources implications.
Willem Rossouw Executive: Strategy & Technology
Bytes Systems Integration
A huge question mark over the cloud decision is cyber security, says Willem Rossouw, Executive: Strategy & Technology at Bytes Systems Integration.
When an enterprise moves into cloud computing, especially if it uses a public cloud, the risk of cyberattacks increases simply because its computing activities are no longer confined to its own premises. Companies also sacrifice a level of governance in the move to the cloud.
However, the security upside far outweighs the risks, says Rossouw.“ The infrastructure and environment provided by the hyper-compute vendors is far more secure than anything an enterprise can afford to establish on its own.”
The reason is obvious. Large cloud providers invest in cybersecurity as a means to differentiate their data centres from the competition. They build redundancy into their data centres, conduct continuous backend maintenance that obviates the need for downtime, and employ dedicated security and threat management teams to monitor the cyber landscape and proactively respond to potential threats. They also conform to international security standards – a minimum requirement to be competitive in the increasingly-crowded cloud marketplace.
“ The infrastructure and environment provided by the hyper-compute vendors is far more secure than anything an enterprise can afford to establish on its own.”
As a result, these vendors can prevent potentially disastrous events, such as DDoS( distributed denial-of-service) attacks that occur when multiple systems flood a target’ s bandwidth or resources with traffic from multiple compromised systems.
It therefore comes as no surprise that enterprise customers cite security as one of the main reasons for their decision to move to cloud computing.
Good reasons, however, do not guarantee a successful migration.
According to Rossouw, enterprises fail in this regard because they do not fully understand the cloud environment, they neglect proper due diligence, and they do not use cloud and cloud access security brokers.
In Rossouw’ s experience, the conditions for a successful migration also address the security question:“ Enterprise customers should appoint a cloud broker to secure the best deal, which includes watertight security, and they must empower themselves with knowledge by reading the excellent reports on cloud safety that are produced annually by bodies such as the European Union Agency for Network and Information Security( ENISA).” ■
74