Securing the Cloud: Keeping your feet on the ground

Advice 2009-06-23 16:22
Markus Krauss, VP EMEA Identity and Security, Novell

Markus Krauss, VP EMEA Identity and Security, Novell explains the important role resellers have to ensure the race to embrace cloud computing doesn’t mean neglecting security.

Given current pressures to cut costs and improve efficiencies it’s hardly surprising interest in cloud computing is now sky high. The ability to turn capital into operational expenditure is extremely attractive for CIOs as it means they only need to pay for what they use. This pay-as-you-go approach explains why Gartner predicts software-as-a-service (SaaS) spend will grow a healthy 22 percent in 2009. 

Yet, despite enterprise eagerness to embrace the technology, many organisations fail to adequately consider security.  According to a recent IDC study, while nearly a third of the world’s businesses have some enterprise applications in the cloud, two thirds have no strategy for securing them. This is concerning given the considerable negative impact an endless stream of data breaches had on organisations last year. What’s more, cloud computing presents new challenges for CIOs to control the flow of data beyond the corporate network. As cloud services can be purchased by any department within an organisation and data is hosted externally, it means teams can bypass the IT function all together. As a result, IT teams have less visibility than ever into how sensitive data is used and shared within and beyond the corporate network.   

Addressing these issues by providing support and proven solutions offers resellers a real chance to add value to customers in a tough climate. As a first step, it’s crucial for resellers to educate IT managers about the risks of hosting data in the cloud and communicate the technology solutions available to keep data secure. Data protection legislation will always lag behind IT developments and so enterprises can’t afford to wait for regulations to be implemented before adopting cloud.  IT teams therefore need to ensure internal policies are not compromised by cloud adoption.  While it's not the role of IT teams to say no to cloud, it is their responsibility to look at the ways in which a balance can be struck between IT security and the productivity of employees. 

One way resellers can help organisations strike this balance is by offering a comprehensive security audit. This audit should involve discovering where sensitive information sits within an organisation, how it is shared and who has access to it. Conducting a comprehensive audit can be time consuming but it's worthwhile to identify any potential security weaknesses before embracing cloud computing on a large scale. Once an audit is complete, an IT strategy can be built to support business goals.  The strategy should be supported by technologies that address complex identity and access management challenges, such as automating business processes, mitigating security risks and laying the foundation for compliance with internal policies and external regulations. These technologies require minimal input from IT professionals but also be user friendly to minimise disruption to employees.  

Businesses may be keen to embrace cloud computing and enjoy the cost saving and efficiency benefits the technology promises but jumping in head first could have disastrous consequences unless IT security is made a number one consideration. In the year ahead, resellers have a important and potentially profitable role to guide enterprises through these challenges.

Tags:
Security
Cloud computing
Security
Cloud Computing
SaaS
Novell
resellers

Related Articles

Computerlinks strengthens security portfolio
Tufin and Sourcefire deals announced
McAfee names UK & Ireland VP
Ross Allen extends role to lead new territory
The Rise of the SuperVAD
Exclusive Networks' Barrie Desmond explains the concept of the 'SuperVAD' - and why he thinks resellers should harness its power