While we’ve highlighted the potential of the hybrid cloud as a replacement to the VPN, a key trend for enterprise technology in 2013, fears over corporate governance, data security and reliability continue to stop many organizations from taking the leap into the cloud space. These fears are often connected with the consumer experience of the public cloud, and for many organisations, the technology investment to deliver on a private cloud model is just too high. Which is why many companies now view a hybrid model as a real alternative, and we’ve chosen it as a key trend for 2013. In essence, this model combines the best of both worlds, enabling workload to be moved seamlessly between internal and third-party cloud environments in a highly secure manner, allowing companies to maximize the use of resources.
Regardless of the cloud deployment model, an enterprise-grade cloud solution should combine high-level security controls, with redundancy built into the environment to meet the security, performance and reliability demands of enterprise systems. This includes virtual and physical server capacity on demand reducing the need to provision infrastructure based on peak capacity projections or traditional redundant configurations; a high level of automation that enables self-provisioning in hours, not days and most importantly a competitive service level agreement that includes complete availability of the portal and virtual farm, regardless of management option.
Most importantly, the success of a cloud-based business model is absolutely driven by you, the customer. Effective due diligence is critical to enable companies to truly take advantage of the benefits of secure cloud computing. So what do you need to think about? Here are simple guidelines to assist in this decision-making process:
- Evaluation of business goals. Before deciding to move IT services to the cloud, enterprises need to understand the business benefits they wish to achieve. After defining the business goals, perform a risk-benefit analysis to ensure a move into the cloud is appropriate for the business.
- Perform due diligence. Once the business is committed to the cloud model, determine which deployment model – public, private or hybrid – best meets the business’ requirements.
- Choose wisely. When selecting a partner to deliver services via the cloud, select a partner with a heritage in both IT and security services. Verify that risk mitigation is part of the provider’s security practice. Pick a service provider that can integrate IT, security and network services, as well as provide robust service-performance assurances. The Cloud Security Alliance, which promotes the use of best practices for securing the cloud, offers a list of corporate members.
- In order to protect data - take a good look at your provider. According to the Cloud Security Alliance, the top security threat associated with the cloud is data loss and leakage. As such, how well the provider protects sensitive data is paramount. When evaluating a provider, analyze the company’s ability to deliver the same types of controls that would usually be done in-house – physical security, logical security, encryption, change management and business continuity and disaster recovery. Also, verify that the provider engages in safe data handling with documented backup, availability and destruction procedures.
- Consider a hybrid security model. Incorporate a mix of services delivered in-the-cloud and on premises. This can help allay data security and privacy concerns as well as leverage legacy investments.
- Remember to comply! Communicate relevant regulations to your cloud provider, and work with the provider to facilitate compliance.
Cloud computing is more than the driving force behind the next wave of technology innovation. It is a sound business strategy that helps organizations practice better financial management and creates a more sustainable, cost-efficient model for supporting IT services. Follow these simple guidelines, and you too can join the cloud revolution!
