Cisco CEO John Chambers made some headline-grabbing comments on Wednesday at a panel discussion hosted by The Wall Street Journal. I’ll leave the question of whether Hillary Clinton has an easy road to the White House to my friends in Washington, but one of the things Mr. Chambers said just isn’t true.
Is cloud infrastructure insecure? Let’s dig in:
First: Good cloud security begins at the beginning, which greatly reduces the risk of having to play catch-up to fix problems.
There are myriad types of cloud solutions, and each can have various levels — and types — of security. When it comes to consumer clouds, there can be a different standard than in what I’d call an Enterprise-grade cloud.
Business leaders need to actively decide what levels of security they require to keep data secure... like company information, their customers’ information, and analytics resulting from crunching data.
Bottom line: keeping data secure in the cloud requires active understanding and engagement. Business leaders need to clearly understand the risk profile of each cloud workload and actively engage the proper protocols to address each specific security need.
No surprise: choosing a trusted cloud provider that understands security is critical. Keeping enterprise data secure in the cloud requires a multi-pronged approach from your cloud provider and should include things like:
- Establishing a layered security strategy that starts with an underlying secure network backbone – and includes multi-factor authentication, role-based access controls, and effective log monitoring and management among other security practices.
- Working with a cloud provider that is willing to be transparent and provide granular visibility into where data resides and transactions take place.
- Making sure your provider is investing in enterprise cloud managed services.
- Having a hybrid cloud solution available, to protect data from traversing the Internet.
Frankly, senior business and tech executives recognize that "cloud" is not the issue when it comes to enterprise security. A recent survey of Harvard Business Review readers found that approximately two-thirds (65 percent) of respondents said that cloud either increases security or that its impact on security is neutral.
Concerns about security are well founded, and breaches can be ripped from the headlines every day. Security (together with computing and networking) is one of three critical components to an enterprise-grade cloud solution, and security is increasingly important as companies move mission-critical data like consumer information and intellectual property into the cloud. Top cloud providers recognize the importance of secure network connections. In fact, Verizon Cloud, Microsoft Azure and now Amazon Web Services are all connected via Verizon’s secure, high-performance Private IP network — making sure data can move between clouds quickly and securely.
It’s easy to read reports in the news about data breaches and blame open, flexible and innovative technologies, like cloud. And business leaders should worry about cloud security and be vigilant in their approach. They should demand great security from cloud providers. But to label cloud solutions as patently insecure for enterprises is to ignore the maturity and enterprise focus of enterprise-grade cloud providers.
