Article by David Ohrn, assistant vice president - product management for cloud solutions, AT&T
There are many reasons companies are growing their cloud footprint: digital transformation, expanding into new business segments, and looking for new ways to optimize costs and improve employee productivity.
Due to the proliferation of data (driven by IoT and digital transformation), the old model of “dumping data” is gone. We are at a tipping point where costs to keep data in-house are only increasing.
Many companies are looking at how they can monetize their data and are looking to the cloud – in many cases a multi-cloud approach – to stay competitive and meet their evolving business needs.
In 2018, we foresee the direction of cloud computing (whether public or private) to continue towards a ubiquitous cloud environment. The direction is to have clouds where you can move applications/workloads around at will. This is a powerful leap in cloud integration as it puts the customer in the driver’s seat.
Here is a list of best practices to consider in 2018 as you continue your cloud journey:
- Hybrid-cloud environments: Many companies are diversifying their cloud strategy to optimize agility, control costs and improve performance of business critical applications.
- Therefore establishing an easy way to migrate between private and public along with multi-cloud environments are essential to see to it that data can be accessed and shared in real-time.
- Edge Computing: Edge Computing will continue to increase with the rise of highly distributed applications in the enterprise. This will require a balanced approach – edge will meet the needs when speed is critical and cloud when storage is at play.
- Analytics and AI: Utilize analytics and artificial intelligence to gather insights into your data. These are powerful tools that can help to provide valuable visibility into where your data is sitting, how often it’s being accessed and how to optimize your cost structure.
- Cybersecurity: Cybersecurity must be a top priority and it’s essential for cloud and security to have an integrated approach to help protect your corporate data. It’s important to review your cybersecurity posture when moving to the cloud to see to it that you have measures in place in the event of a breach. Also, consider how machine learning and AI can provide near real-time insights to thwart cyber-attacks.
Deploying to the cloud without a plan or an overall approach could leave you worse off than if you had simply stayed with the — increasingly antiquated — dedicated data center model.
In fact, a piecemeal strategy might actually lead to gaps in an organization’s defense that didn’t previously exist.
When it comes to threat management, the success of your cloud deployment depends on coordinated actions that will integrate a cloud strategy with your overall cybersecurity posture. In particular, security experts argue on behalf of a multilayered approach to keep cloud data safe.
Layer in layered security
Deploy private connectivity instead of a regular internet pathway to a cloud provider’s network.
At the same time, protect all of your mobile endpoints with anti-virus and anti-malware applications. Lastly, add EMM (enterprise mobility management) to track and disarm mobile devices that get stolen or lost.
Confusion about how to balance data privacy with regulatory considerations can lead to no shortage of headaches. For instance, local laws in some states mandate that companies encrypt backups.
That begs the question of who should be responsible for taking care of the backups and the encryption in a cloud environment.
Also, when it comes to compliance, play it safe; don’t collect more than the minimum amount of personal information necessary. In case of a data breach, notify customers immediately to avoid legal fallout later on.
Hold your cloud provider’s feet to the fire
You need to be clear about spelling out the accountability of your cloud service provider.
The provider should be prepared to do its part, but you need to hold them responsible in order to ensure that your data is secured when breaches occur.
Also, find out what they will do to make sure attackers can’t cross from another environment to corrupt or otherwise imperil your data.
Similarly, if someone else gets hacked, how will the provider assure customers that nobody will be able to access your environment.