Skip to main content

Do not sacrifice Cloud Security for simplicity

article banner

Cloud Growth in the financial year 2021-2022 and beyond

Public cloud adoption continues to accelerate

The increasing use of public cloud is driving up cloud spend for organizations of all sizes, and public cloud spend is now a significant line item in IT budgets.

In fact, eight percent of all respondents spend more than $60 million, and more than half spend over $2.4 million on public cloud each year. Public cloud spend is even more significant among larger organizations. Thirty-seven percent of enterprises said their annual spend exceeded $12 million and 80 percent reported that cloud spend exceeds $1.2 million per year. These figures are like 2021, when 36 percent of enterprises reported an annual spend of more than $12 million and 83 percent reported yearly spend of more than $1.2 million.

SMBs run fewer and smaller workloads, so it stands to reason their cloud bills would also be lower. Twenty-two percent of SMBs are spending less than $600,000 annually, compared with only seven percent of enterprises. However, 53 percent of SMBs spend more than $1.2 million—up from 38 percent reported last year. Enterprise spending remains high, as 37 percent of organizations with more than 1,000 employees spend more than $12 million a year.

Nowadays, enterprises are running 49 percent of workloads and storing 46 percent of data in a public cloud. Enterprise respondents plan to increase workloads and data in public cloud over the next twelve months by six percent and seven percent, respectively.

SMBs are moving quickly to the public cloud. As per the latest report 63 percent of SMB workloads and 62 percent of data will reside in a public cloud within the next twelve months.

(Ref. Flexera Report - State of the Cloud Report 2022)


CLOUD SECURITY CONCERNS


While cloud providers offer increasingly robust security measures as part of their cloud services, it is the customer who is ultimately responsible for securing their workloads in the cloud. The most significant cloud security challenges highlighted in our survey are unchanged from last year: data loss/leakage (64% - down five percentage points since last year), data privacy/confidentiality (62% - down four percentage points), and accidental exposure of credentials (46% - up two percentage points).

Enterprises are gaining experience with cloud, but challenges remain. For the tenth time in eleven years, respondents ranked security as the top challenge, rising from 81 percent to 85 percent YoY.

Compliance violence, regulatory actions, and legal costs - Regulatory compliance management is important for enterprises using public or hybrid cloud deployments. Overall accountability for data privacy and security still rests with the enterprise, and heavy reliance on third-party solutions to manage this component can lead to compliance issues.

Meeting Cloud Deployment Frequency and Speed - Enterprises nowadays develop, test, and run software applications in the cloud. The developers even deploy software builds frequently to the cloud. The enterprises cannot protect their software applications without detecting and repairing vulnerabilities during the development, testing, and production process. They must leverage the latest security tools and solution to scan the software build throughout the deployment process. They even need to update the security tools according to the speed and frequency of cloud deployment.

Risk of Data Loss and Theft - The enterprise moving to cloud will be responsible and liable for losses related to data loss or theft. The enterprises must implement a robust cloud security strategy to eliminate the risks associated with data loss or theft.

The enterprises must focus extensively on security while migrating their software applications and data to the cloud platforms. In addition to picking a reliable and secure cloud platform, it is also important for businesses to assess cloud security consistently. They can even avail the assistance of managed cloud service providers to keep the security tools and protocols up to date according to frequency and speed of cloud deployment.

Lack of visibility - It's easy to lose track of how your data is being accessed and by whom, since many cloud services are accessed outside of corporate networks and through third parties.

Multitenancy - Public cloud environments house multiple client infrastructures under the same umbrella, so it's possible your hosted services can get compromised by malicious attackers as collateral damage when targeting other businesses.

SECURING THE CLOUD WITH COFORGE`S 8 PILLAR FRAMEWORK


Coforge has defined robust cloud security framework, adopting cloud comes with its own risks and security concerns. The new environment may have various resources that might go untapped due to the complex nature of the IT ecosystem. It requires enterprises to revisit legacy security systems and mold them in the context of the new hybrid environment.

Our Cloud Security and Compliance Framework provide a holistic approach towards driving the security strategy of enterprises. The Framework is based on best practices for cloud security and a secure foundation built on the following 8 pillars.

Cloud-Growth-22

Key Features

  • Security goals set in the context of business and industry requirements
  • Security analytics and best practices deployed to detect and respond to threats
  • Benchmarked to a high bar of certifications and accreditations to ensure compliance
  • Continual monitoring, test, and audit.

Why Cloud Security over traditional security


Earlier enterprises use to manage and store their data in on-premises data centers. Now the organizations are moving more and more towards cloud to maximize scalability and cost-saving opportunities.

Cloud technologies make data management much easier. Companies can access infrastructure on demand, which enables them to maintain efficient and effective cloud security frameworks that keep up with emergent threats for better data/infra security.

Distinguishing between traditional IT security and cloud security is crucial, and it’s important to identify and understand the differences. Taking a closer look at both approaches will allow to take the best decision for your organization.

In a traditional data center, data and services are hosted on hardware that is on-premises, or in infrastructure leased from a third-party data center. The benefits to traditional IT systems include more control over how data is stored and transferred and the use of technologies with which staff have more training and experience. However, traditional infrastructure is often more expensive than the cloud. It is also less flexible if a business’s goals include expanding in size or quickly adding new services.

A cloud model features infrastructure (i.e., servers, storage, and network devices) that exists in software as (IaaS, Paas & Saas) opposed to on-premises hardware. The decision to move to the cloud brings scalability and flexibility advantages that help keep your business competitive. Considering security early in the adoption process will help your digital transformation progress smoothly and ultimately more efficiently as you avoid security issues that can hinder timely delivery.

Cloud-Growth-02-22

Key Benefits of using Cloud over traditional Infra Security: -


D
lepoyment –

Cloud – IaaS, PaaS & SaaS model eliminates the need to deploy any additional hardware.

On-Premises - Security appliances must be procured, shipped to each site, installed, and configured. Given the new infrastructure and initial configuration, deployment issues are common.

Maintenance –

Cloud - Handled by CSP. The vendors usually update the platform, features and bugs.

On-Premises - Handled by in-house IT and security teams. This is a big point of failure. Reason for more customers looking for cloud solutions after they go through a maintenance cycle and stop seeing value.

TCO –

Cloud – Opex subscription based no long-term contracts easy to replace vendors if there is no fit.

On-Premises - Capex based big budgetary investments long planning and deployment cycles multiple groups from security, IT, facilities, ops, other LOB, and apps are all involved.

Capacity planning and elasticity –

Cloud – No planning needed for capacity elastic scaling takes care of unplanned capacity planning. Seasonality, peaks, and burst are handled effortlessly.

On-Premises - HW, SW, and licensing needs to be planned for over capacity for occasional bursts or peaks Your TCO is designed on seasonal peaks Extreme bursts lock you out of tools when you need the most.

Updates and Patches –

Cloud – Cloud vendors take care of updates and patches through the shared responsibility model low risk of vulnerabilities for unpatched systems.

On-Premises - Requires periodic maintenance windows and planned outages unpatched systems are a big threat for security.

Cloud Security Management and Design Principles


Cloud Security management is all about what security controls to implement to secure cloud environment which include infrastructure (you have access), application and data. It is also about how to maintain visibility about any concerns.

Managing cloud security can be much simpler with automation capabilities of these modern environments. For example,

  • A new resource in a cloud can be created only in specific region & network, specific type and with specific tags.
  • When a new virtual machine is created policy can be defined to deploy an agent.

When we implement security practices in these pre-defined networks, resources created in these networks are secured.

Few design principles of cloud security management are implemented least privileges, Zero trust model, effective patch management and data encryption.

Cloud Security Management and Design Principles


Enhance organizational flexibility
 – The cloud service providers operate on a scalable licensing model, enabling companies to modify licenses as required. The license can be added instantly allowing for fast scaling (which is not possible with on-premises infrastructure). As an added benefit, this provisioning of resources can typically be done automatically using cloud native technologies, and therefore human involvement is not always required.

Improved data security - By removing physical systems from your data center, you also remove the risk that they can be tampered with - no one in external/internal users will have direct access to the physical infrastructure. Additionally, cloud providers will generally always keep their technology up to date, patched and backed up, as they do not possess the infrastructure limitations of a typical company. This alone is a critical aspect of maintaining good security.

Lower upfront costs - One of the biggest advantages of using cloud computing is that you don't need to pay for hardware. Not having to invest in dedicated hardware helps you initially save a significant amount and can also help you upgrade your security. This helps you save on costs and reduce the risks associated with having to hire an internal security team to safeguard infrastructure.

Continuous compliance with regulations - A provider that focuses on continuous compliance can protect your company from legal troubles and ensure you're using the most updated security practices. There are certain data protection standards that the companies/businesses must comply with to keep functioning legally.

Increased reliability and availability - Cloud security ensures your data and applications are readily available to authorized users. You'll always have a reliable method to access your cloud applications and information, helping you quickly act on any potential security issues.

Centralized security - Cloud computing gives you a centralized location for data and applications, with many endpoints and devices requiring (On-Demand) security. Security for cloud computing centrally manages all your applications, devices, and data to ensure everything is protected. The centralized location allows cloud security companies to perform tasks more easily, such as implementing disaster recovery plans, streamlining network event monitoring, and enhancing web filtering etc.

Scalability - Cloud computing allows you to scale with on-demands, providing more applications and data storage whenever you need it. Cloud security easily scales with your cloud computing services. When your needs change, the centralized nature of cloud security allows you to easily integrate new applications and other features without sacrificing your data's safety. Cloud security can also scale during high traffic periods, providing more security when you upgrade your cloud solution and scaling down when traffic decreases.

Guards against security breaches - Data security is extremely dangerous for a company's financial health and may also take a large amount of time to be detected. Data security on the cloud storage systems becomes even more significant, especially if you're using a public cloud alternative giving a third-party access to it. While it is in your service provider's best interest to protect your data, a breach can still happen; in most scenarios, the client must go the extra mile and use the hybrid system and protect your data.

 
Gaurav Dhyani
Gaurav Dhyani

Gaurav Dhyani has rich experience Cloud Services and is a Solution Consultant at Coforge. Gaurav has specialization in government and public sector engagements and has in-depth knowledge on storage and backup solutions across the industry.

Related reads.

WHAT WE DO.

Explore our wide gamut of digital transformation capabilities and our work across industries.

Explore