Digital transformation: Moving security to the cloud

Anil Bhasin

Interconnectivity and digital transformation across enterprises has resulted in copious amounts of data, which could deliver competitive advantage for today’s businesses.

Such important data require a scalable IT infrastructure to support changing capacity and round-the-clock availability.

Now, it’s not surprising that organisations are turning to the cloud as a solution to overcome the challenge of scale.

The cloud empowers enterprises to augment the capacity of their own data centres (or totally eliminate the need of an on-premise infrastructure), while simultaneously taking advantage of value-added services. Analysts predict that USD 1 trillion in IT spending will be directly or indirectly affected by the shift to cloud by 2021, making cloud computing one of the greatest forces to disrupt IT spending since the early days of the digital age.

Furthermore, Gartner predicts that 24 percent of the total addressable IT market will be cloud by 2020.

Cloud services also gain importance due to the fact that they underpin other technical advancements like big data, analytics and IoT. Companies that are slow in adopting a cloud-first strategy therefore run the risk of becoming irrelevant in a couple of years.

As firms move their data and infrastructure to the cloud, the question of cloud computing security takes on special significance. CIOs and CISOs are understandably worried about the consequences of moving their company’s data to the cloud.

Corporate data is especially important as it could contain sensitive information like intellectual property, clients' list, trade secrets and financials. Besides, customer service agreements with cloud providers put the responsibility of data security and integrity on the owner of the data.

While this is an evolving space, companies are already adopting cloud security strategies to evaluate on-premises data protection, tools and recovery processes in addition to backing up data locations. Over time, cloud computing has not only proven itself to be more scalable and efficient, but often more secure than on-premise systems. Cloud-delivered security offers the same advantages.

The benefits in terms of security innovation, operating cost efficiency, capital expenditure savings, and cross-technology integration are too great to return to older, on-premise-only architecture. Working in conjunction with on-premises security and enforcement, cloud-based security provides the scale, agility and analytics capabilities needed to fight sophisticated cyberattacks.

Distributed denial of service attacks, for example, are increasingly common. Good cloud security tackles the huge amounts of traffic aimed at a company’s cloud servers through constant monitoring and dispersion of such attacks to ensure 24/7 availability.

Cloud security offerings should also have proactive security measures to protect sensitive information and transactions from tampering. For firms that operate in highly regulated industries where data safety is crucial, cloud security should also support compliance and protect personal and financial data.

Finally, organisations also need to comply with government and industry regulations, such as EU data protection laws that govern where and how user data can be stored.

To allay these security and compliance concerns, organisations can look at enabling cloud security that documents what data is stored in the cloud, where it is stored, how it is secured, and who can access it.

It also helps if the cloud security provides granular controls that will help configure which data is sent to the cloud and how long the data is retained.

To add another layer of certainty, organisations can also look at engaging a third-party to review and certify the security, availability and privacy of their service.

On the other hand, organisations that are reluctant to use cloud security services can consider technologies where the benefits are the most compelling. These include:

• Security analytics: Cloud-based analytics eliminate many of the earlier challenges associated with the management and maintenance of on-site data repositories. Cybersecurity products generate massive amounts of valuable data in the form of logs that can be used to counter sophisticated threats. Today's organizations require the ability to store, process and analyse as much log data as possible to obtain comprehensive visibility across their infrastructure and convert their data into actionable insights. Security analytics on the cloud unleashes a new way to develop, deliver and consume innovative security applications from any provider, without additional complexity or infrastructure.

• Advanced threat analysis: Cloud-based advanced threat analysis empowers organisations to perform in-depth analysis of suspicious files and communications without compromising their security. Since they are no longer encumbered by the performance and system restraints of an onsite computing device, a cloud-based service can perform dynamic analysis, static analysis, machine learning and even bare metal analysis of suspicious files to detect attacks and defeat evasion techniques.

A hybrid cloud and on-premise security architecture is the only way to achieve the best security outcomes at scale.

(Anil Bhasin is Regional Vice President – India and SAARC, Palo Alto Networks. Views expressed are personal.)