Spectator on facebook

Spectator on facebook

AMCHAM BLOG

Blog: The Dark side of the Cloud

Is the one-size-fits-all approach to Cloud suitable and does it meet everyone’s requirements?

Illustrative stock photo(Source: Sme)

The new Cloud on the horizon has received lots of attention recently. It allows companies to expand, bring more value to their customers, decrease IT costs, and react quicker to market needs. And of course, everything is secure, which is proven by certificates from well-known audit and professional bodies, so everybody is advised to use it, i.e. private, public, local and multinational organizations. Is this one-size-fits-all approach suitable and does it meet everyone’s requirements?

Let’s start with a definition – the Cloud is computing capacity accessible on demand over the internet. The main benefits of the cloud are:

  • Elasticity and scalability: eliminate unnecessary IT capacity and smoothly handle the peaks or unpredicted workload at your organization.
  • Only pay for the capacity and services you use in a given period.
  • Security: specialized vendors invest huge human and financial resources into security measures, which smaller firms cannot afford.
  • Enhanced flexibility and maintenance: easier geographical reachability of company data goes hand-in-hand with regular vendor-based security updates and functional upgrades.
  • Better reaction to customer requirements and faster adoption of business opportunities.

The above benefits are attainable, but not by everyone and not in every situation.

Reconsidering the benefits (and risks) of the Cloud

Regardless of the type of Cloud services you use, you should consider important security issues, which include:

Security risks
Cyber-attacks and information theft have caused huge financial and reputation damage to companies, and then there are also the security breaches that were not publicized. A security breach is malicious conduct in cyberspace that may lead to the interruption of critical services in the physical world. So, what are the risks?

  • The centralization of Cloud solutions into the hands of big players may lead to a situation where misuse of one security hole can affect millions of users and lead to the leakage of your customers’ data or your intellectual property.
  • Distributed Denial of Service (DDoS) attacks and other outages may lead to an inability to provide services to your customers, effectively forcing you out of business or you may incur large fines.
  • Bring Your Own Device (BYOD) policies and use of attractive Cloud products may change you into an effective and flexible organization, but are you sure you will be able to respond to a security regulator’s questions on your customers’ data life-cycle and security?

The proper mix of services provided by both Cloud providers and by the company can mitigate certain threats. However, this shouldn’t lead us to conclude that these are the only risks, or that precautionary steps should only be focused on the Cloud environment.

Legislative requirements
There has been a shift in EU countries from self-imposed adherence to “good practices” and local measures to stricter, centralized and binding pan-EU regulations. These principles may cause “culture shock” to businesses in other parts of the world.

For example, the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) will be implemented in 2018; fines for their infringement will be up to €20 million or 4% of a subject’s total worldwide annual turnover. Do you know if you are subject to these regulations and what impact they will have? Your Cloud provider or IT vendor can’t be rendered responsible for the “whole thing” as the EU law puts it, some responsibilities will also rest on the user’s shoulders.

Of course, there are many other points to be discussed, such as: total ownership costs (cloud doesn’t always cost less), data accessibility and management, vendor lock-in, readiness of your legacy applications for working in the Cloud, etc.
The aspects discussed previously lead us to the question of organizational processes – making sure an organization will be able to implement all the applicable requirements (including concrete IT actions) with reasonable costs.

Conclusion
Implementation of Cloud services may bring substantial benefits to support strategic goals, but may also expose organizations to new problems. These need to be identified and assessed to understand whether Cloud solutions are the best and most cost-effective option for a business.

A very simple yet powerful approach before buying into the Cloud is to examine if you are already getting the most from your existing IT infrastructure which was already been paid for and which your staff already know. Using this fine-tuning and discovering new possibilities can be undertaken relatively quickly and without substantial investments to address operational efficiencies, regulatory compliance and resilience to cyber security threats.

It is not possible to avoid continuous re-assessment of your organizational processes and ICTs due to legislative and security aspects, whether you use traditional or cloud architecture.

Data System Soft, spol. s r.o.
www.datasystemsoft.sk
jskandera@dss.sk

We have been helping our customers to reach their goals using a combination of IT solutions from well-known vendors and our own analytical and implementation skills since 1991. We help clients get the most from their existing IT infrastructure assets (both in house and Cloud) and transform legislative requirements into specific technical measures in a secure and cost effective way.

Jozef Škandera is Business Development Manager at Data System Soft, spol. s r.o.

Originally published in Connection, the magazine published by AmCham Slovakia

article_photo(Source: AmCham)

Top stories

UN committee: Slovakia still discriminates against Roma

Government should adopt measures to remove discrimination and segregation of the minority.

Moldava nad Bodvou

Slovak cybersecurity firm participated in global operation to disrupt malware system

Eset monitored malware and its impact on users over several years

Sagan shows impressive core exercises Video

The three-time world champion will start the new season in a month's time in Australia.

Peter Sagan

Infertility in men is increasing with those in their 40s better off then those in their 20s

Treatment of infertility can cost tens, or even several thousand euros. Only part of the cost is covered by health insurance companies.

To be fertile, a man has to have 15 million sperms per milligram of ejaculate, of which 4 million must be healthy.