Moving to the cloud feels like a no-brainer, thanks to the flexibility, scalability and associated cost benefits, but compliance issues can trip some companies up.
According to the RightScale 2018 State of the Cloud Report, a huge 98 percent of companies are now using the cloud. But making the move is a complex endeavor. There’s the technological headaches of moving data and applications, there’s staff training to consider and there’s the choice between public, private and hybrid cloud to make.
On top of all that, companies need to ensure that they’re complying with regulations, security and data privacy. Crowd Research Partners’ survey of 400,000 cybersecurity professionals found that nine out of ten are worried about cloud security, up 11 percent on last year, and compliance is one of their top three concerns.
Security and compliance are particularly thorny when companies venture into the public cloud. Here are the top compliance issues:
Staying on the right side of the law
Regulatory cloud compliance is essential for companies and encompasses all the laws, guidelines and specifications of every jurisdiction in which they operate. It’s not just a one-time fix either. Companies need to be constantly aware of changes to rules and regulations. While public cloud vendors also stay abreast of the issues, the responsibility lies with the company to make sure that its data is processed lawfully. When dealing with health or financial data, for example, a public cloud vendor’s measures may not be enough.
Beware the leaking ship
The best public cloud providers will be using the latest in data encryption and security technology. But even that is no guarantee against cyber attacks and data leaks. Choosing a lesser provider could put a company at even greater risk of having its data lost or stolen. The public cloud is not inherently unsafe, but often, sensitive data is far better off siloed on-premise or in a private cloud infrastructure.
Security across the board
Many companies will come to the conclusion that sensitive data should be stored on-premise or in a private cloud. If they then want to include a public cloud element to their IT infrastructure, they face the difficulty of setting consistent security policies across their cloud and on-premise environment.
The weakest link
As in all IT security, the human element is the weakest link. Unauthorized access through the misuse of employee credentials was reported as the second biggest threat to cloud security by the Crowd Research Partners survey. When you move to a public cloud setup, there needs to be a huge investment in ongoing staff training that may greatly reduce the other cost benefits.
Living with your legacy
Companies are already complying with security, data privacy and the law before they move to the cloud and they might assume that the same measures will protect their information in the cloud. But very few firms find that the capabilities of their traditional security tools translate and legacy software may even clash with the public cloud vendor’s security measures.
Once companies look into compliance issues, the cloud can seem like a much less attractive option. But the right mix of public and private cloud with on-premise solutions can give all the benefits of cloud adoption while mitigating the risks. And if the data is sensitive, companies need to think twice about going public.
GET A FREE ASSESSMENT TODAY
If you want to start enjoying peace of mind, better value for money, and all the side benefits that comes with cloud solutions, reach out to us for a free assessment of how our solutions can best be integrated in your organization. Learn more at https://logicalfront.com/solutions/cloud-migrations/.
*article courtesy of OneAffiniti funded by Citrix
