HOW TO AVOID THE DARK CLOUDS
It isn’t hard to see why Cloud-Based IT Services are becoming such a big draw for businesses – not when cloud is attracting more and more focus, as organisations seek out the best, and most efficient and cost-effective means of storing their essential (and often highly sensitive) data.
One question I’m asked time and again, though, is how fast is the move into the Cloud? You hear all sorts of stats and claims, so it’s time to put a bit of reality around this. If you look at our own latest in-depth survey on this here at Symantec – ‘Avoiding The Hidden Costs of the Cloud’ – it’s clear that customers really are rushing to leverage cloud services, as they extend the reach of their IT deep into the stratosphere. In fact, more than 90% of all organisations are at least discussing Cloud – a sharp step up from 75% a year ago. What’s driving that? Well, particularly the irresistible promise of reduced capex, more predictable opex, easier management, enhanced scalability and better disaster preparedness. Not a bad payback, if you get it right, I would suggest.
Other key survey findings in our survey showed enterprises and SMBs are experiencing escalating costs tied to ‘rogue Cloud’ use – in other words, business groups implementing public cloud applications that are not managed by, or integrated into, the company’s IT infrastructure – complex backup and recovery; and inefficient cloud storage.
All good stuff. But, like all things, I see that as only half the story. Inevitably, there are downsides to the Cloud ‘Utopia’, too. Security issues and outages spring to mind, most of all, both of which will continue to affect organisations that have stepped into the Cloudscape. So, business continuity is, not surprisingly, one of the big issues our survey homes in on, with the increase in cloud outages (Amazon and SalesForce spring to mind!) posing even greater risks than security breaches.
One of the challenges is that organisations often hold their information on physical, virtual and cloud storage, creating a very complicated environment when it comes to backup and recovery. In fact, more than two-thirds of enterprises today are using three or more solutions to back up their data. As a result, more than 40% have lost data in the cloud and had to restore their information from backups. And I note that a worrying two-thirds of those organisations saw recovery operations fail. That apart, even when it works, recovering data from the Cloud is slow. I’ve seen it up close and sometimes, by comparison, watching paint dry suddenly becomes an exciting prospect! To put it in context, more than one-fifth of those surveyed estimated that recovering from the Cloud would take three days – or even longer. Not for those who want their businesses to run like sleek, well oiled machines, I would venture.
Then there are the concerns expressed around issues with: inefficient Cloud storage; Cloud compliance; Cloud eDiscovery; and Cloud data in motion. Cloud often requires SSL certificates – for websites, applications etc – and the final hidden cost revealed by the survey relates to management of these certificates. Most find this area complex, with just 27% stating that managing Cloud-based SSL certificates was easy. In a related finding, fewer than half felt confident that their Cloud partner’s certificates comply with their own organisation’s internal standards. Now that is worrying!
So what’s the answer? First, I would suggest that, where Cloud-based services for security and management are in force, that experience can be dramatically improved. Let’s take remote working as a case in point. Organisations don’t have to restrict how, where and when their employees take advantage of this. They just need the right systems and processes in place.
This, I would humbly suggest, is where a solution like Symantec Web Security.cloud service can come into play, putting roaming and remote worker support options at the user’s fingertips, helping businesses address these challenges. Crucially, the service scans all Web content, promoting enhanced accuracy above services that rely solely on URL filtering for threat detection, with threat intelligence shared across email, Web and IM for converged threat detection.
Whatever the challenge and solution, though, if…
- An organisation’s people are to be protected and productive
- Your business is to be kept safe and compliant
- Business continuity is not a ‘perhaps’, but a ‘given’.
Then I believe all of the following must come into play:
- Focus policies on information and people, not technologies or platforms
- Educate, monitor and enforce policies
- Embrace tools that are platform-agnostic
- Deduplicate data in the cloud.
Get it right and the Cloud can be a great place to move to; get it wrong and there may soon be a sizeable tear in its fabric that your most precious data falls through.
Let me know what you think. As part of the new ‘evangelist’ team reporting in to the CTO in EMEA, I would welcome all opinions.