Not all clouds are created equal: Secure cloud solutions for your organisation
Taking a coordinated, people-first approach to cloud security
9 in 10 Australian organisations use some form of public cloud service, yet the majority are aiming for a hybrid IT model. When it comes to choosing and maintaining the right platform, which choice represents security from cyber attacks without compromising business operations?
The obvious attraction of a cloud platform is flexibility – not to mention the options available from IaaS to SaaS. More than 90% of organisations work in an IT environment that spans public cloud, private cloud, colocation and services: a true hybrid approach.
The reason? Hybrid cloud allows customisation to align with business needs. Your organisation may need to work more efficiently, automate processes, enhance customer satisfaction, and reduce costs – or all of the above. A hybrid cloud solution gets your products to market faster, building on a pre-existing platform rather than investing years developing your own.
The convenience of hybrid cloud must be balanced against security – which can have significant flow-on effects to your business. More than half of Australian organisations reported a cyber attack in the last 12 months, with breaches becoming more frequent.
Strategy comes first
Hybrid cloud does have its advantages, including extending legacy workloads into public clouds or augmenting workloads with cloud technologies. If you allow your solution to grow organically without a clear end goal, you may be overlooking planning for future trends, expansion or flexibility needs.
IT security is increasingly important in strategy, and a considered approach to simplified and integrated data management across clouds is important.
“Larger customers tend to look to build their hybrid cloud rollout at an organisational level. In the world of small to medium business, customers need to align with the right partner who can provide them with the advice and expertise to provide recommendations and experience to select the right cloud for the workload.”
2021 research: Security and hybrid cloud solutions
Nexon commissioned TRA research into the cloud security strategies and challenges of Australian organisations.
Snapshot: Key findings
- New threats are constantly emerging – particularly backed by machine learning and AI
- Over 50% of security incidents are internal – either through human error or malicious intent
- Breaches have a ‘serious or very serious’ impact on operations in 2 out of 3 cases
- Organisations struggle to educate staff from the frontline to the C-suite on security risks
- Cybersecurity budgets appear to be static, which may be due to centralising control
What the research tells us
With a birds-eye view of these trends, a clear message emerges: the importance of a coordinated, people-first approach to cloud security, backed by experts.
A hybrid cloud approach means the traditional ‘moat and perimeter’ approach isn’t effective for the modern IT team. Security must be built into systems and considered from a cloud perspective – like a wide-reaching satellite network, rather than a fence.
Security must be pragmatic and match individual operations and unique cloud models – one solution certainly doesn’t fit all businesses. For Elliot Jurd, it’s about matching the right cloud to the right circumstance.
“The blurring of on-premises and public cloud workloads has been increasing over time and will continue to do so. The initial wave of ‘cloud first’ is over, and now we are moving to the mature phase of the right cloud across the hybrid cloud for the right customer workload.”
People and protection: the foundations of hybrid cloud
A balanced hybrid cloud perspective starts with people: human error is the leading cause of data breaches. It’s an ongoing challenge for IT teams to maintain organisational skill sets across both public and private cloud infrastructure, and to stay on top of Shadow IT that may see staff looking for shortcuts using untested apps that risk your cyber security systems.
There is a generational gap at play. Just like the workforce that knew and understood mainframes, and the workforce that knows open systems are coming into the mature phase, the public cloud native workforce can present cultural challenges. Humans are complex – it’s not necessarily the systems – but about the right engagement from the right people, to get the right outcomes.
As hybrid systems are being implemented, focus must also stretch to building the ‘satellite network’ of security that protects your organisation’s hybrid infrastructure.
Our research suggests that production data is not always the focus of cyberattacks; 51% report attacks on their data archives. A continuous monitoring approach and a clear plan for inevitable attacks are key. Whether your cloud protection comes from an internal team or a tech partner, the research shows that internal cybersecurity skills are often lacking in application security and cloud. Partnering with a trusted technology advisor to design your hybrid cloud solution could be the difference between recovering from your next cybersecurity breach – or losing it all.