“Making Cloud Secure”
Innovation and governance need to marry to secure cloud environment in enterprises
As an increasing number of organisations committed to digital transformation, the adoption of ‘third platform’ technologies, such as cloud, mobility, social, and big data/data analytics has accelerated. India continues to be a prominent market for cloud technology adoption, and according to a study done by Gartner, as compared to 2017, the public cloud services market in India is expected to grow two and a half times by 2020 to a total of $4.1 billion.
This is driven by factors such as a mature enterprise ecosystem, a huge base of small and midsize businesses (SMBs) and startups, e- governance initiatives and the Digital India program that is resulting in an uptake of public cloud services.
Indian businesses, both large and small are now rapidly embracing cloud technologies to boost their performance and innovation levels. These include companies like CenturyPly, Jindal Steel, Century Mattresses, Fortis Healthcare and many more. Last year CenturyPly, a leading plywood and veneer vendor, upgraded from a legacy system to a cloud data centre to support the company’s business expansion and for increased overall productivity and efficiency.
Companies that have made the transition towards cloud have seen major improvements in terms of operational excellence and cost- effectiveness. Affordability of cloud solutions now allows SMBs and family-run businesses to deploy IT infrastructure and reap its productivity benefits without maintaining a full IT department as an additional overhead.
Moving to the cloud also provides employees with constant access to data from their enterprise resource planning (ERP) system at any time, from any location— enabling them to work more collaboratively. This is imperative for organisations looking to grow and become more geographically dispersed.
While organisations understand that cloud computing technology offers tremendous performance and cost benefits, they can still be reticent about migrating due to perceived security issues. This sentiment is echoed in a recent report by McAfee, where almost half of IT professionals across the globe stated they had slowed their cloud
adoption due to a lack of cyber security skills.
Security has long been a major barrier to cloud adoption. For the company, security is important at three key levels—platform, intelligence and partners. With concerns about data sovereignty, data privacy and control issues surrounding migration, Indian organisations are understandably wary of implementing this solution.
Cloud applications continue to be a vector for cyber-attacks, with McAfee also reporting that 52% of enterprises tracked a malware infection to every Software-as-a-Service (SaaS) application. Apart from the impact on customer operations and business reputation, it’s a company’s own legal responsibility to ensure that data is properly secured, encrypted and protected. If organisations don’t take this seriously, they run the risk of receiving some hefty legal fines for non- compliance.
Before making the decision to move to the cloud, organisations should consider the following three points:
Determine the pros and cons of remaining onpremises or moving to the cloud. It may be that your business is comfortable with the security measures, back-up, patching and upgrades programme it currently employs, and that fixed and mobile security are both equally considered.
Keep an objective and open mind in determining your choice. The time value of money with the lower total cost of ownership and faster return on investment is often one of the most important considerations, outweighing the perceived risk of security breaches.
Understand that this is uncharted territory. Digital transformation is re-levelling how risk is being assessed and the opportunities available.
Organisations should not assume that the cloud service provider alone is entirely responsible for security. Instead, they must ensure that the processes and controls are in place to allow them to access and use cloud services in the most secure manner possible.
The reality is that security must be a primary consideration for any ERP deployment option, whether it’s cloud, hosted or on-premises. With an ERP solution being the operational backbone of an organisation, vendors entrusted with business information from ERP systems must maintain highly secure data centres which are protected 24 hours a day, 365 days a year.
These organisations should make sure they invest in the latest intrusion detection systems, have fully trained expert staff, and take on the responsibility of keeping data secure, encrypted and protected.
Cloud-user organisations need to balance supporting innovation in the cloud with having a risk-based governance structure that includes policies, procedures and personnel. If organisations are confident that the above points have been taken into consideration and all preparatory steps have been taken, then relocation of ERP systems to the cloud is recommended. At the same time, this also provides a strategic opportunity for organisations to improve operational efficiency through business process reengineering.
Today businesses in India face a number of challenges such as a dynamic economy, greater competitive pressures and increasing demands from customers. Relying on yesterday’s technology will make it difficult for companies as they strive to be successful and grow.
That’s where cloud software comes in.The adoption of cloud would reduce costs, streamline productivity and integrate resources and solutions, further accelerating the performance of the company. Hence, it is critical for businesses standing at the edge of digital transformation to embrace what the cloud has to offer.
THIRU VENGADAM, regional vice president, India, Epicor Software