Vendors To Enter The Cyber Security Game

Disaster Plan.png
Growing Up.png
Holiday Photos.png
Twitbook.png
Data Bed.png

IT Regulatory Compliance as the Next Big Focus for Cloud Vendors

Back in October 2014, Defense Information Systems Agency (DISA) submitted a public request for information, calling for the assessment of the marketplace’s ability to “provide cloud ecosystems and services in two integration models that place vendor cloud services on DoD networks for use by the DoD community and mission partner.”

This was one of most serious steps a US government department had made to enable a wider cloud adoption and also a move that marked a significant shift in perception on the usability of cloud technologies in regulated industries. Namely, like other industries that operate with huge volumes of sensitive data, government agencies were slow to adopt the cloud due to the associated security concerns. However, in recent years there has been a striking shift in attitudes towards public cloud resources, which have become central to government, healthcare, finance and legal institutions.

healthcare (2)

In relation to this, a report by Markets and Markets suggests that the cloud adoption within Government agencies will continue at a stable rate, while healthcare institutions are expected to invest $5.4 billion in cloud computing by 2017. These figures point to a greater interest in the public cloud, while vendors simultaneously focus on building secure solutions to meet the demand. Today, most of the big names in the industry have a solution particularly designed for regulated industries.

Adapting the cloud to regulated industries

Apart from Amazon Web Services, which is currently used to process, store and transmit Department of Defense information, multiple other vendors have released their secure solutions over the last couple of years. Most notably, Box released their Governance platform to enable healthcare specialists to safely manage their data, while Salesforce launched Shield to provide a secure way to monitor and encrypt apps built on the Salesforce App Cloud.

data-movement

Although the institutions in regulated industries are more open to cloud implementations lately, considerable data security concerns still exist. Ensuring compliance is an imperative for specific organizations, especially after some of the most serious breaches the public in the US has seen over the last few months. Most notably, the recent data breach that enabled hackers to obtain social security numbers of 21.5 million US citizens demonstrated the seriousness of this issue and emphasized the global need for more secure IT solutions.

To be able to manage data securely, while at the same time maintaining the necessary flexibility of key processes, organizations in regulated industries need data storage solutions that meet specific security standards. Suffice to say, most leading cloud vendors have recognized this gap and started focusing on this particular market to provide the requested IT resources and, of course, increase their market share.

Unsurprisingly, the value of cloud computing security services is estimated to grow astonishingly in the next few years. Namely, recent reports suggest that the cloud security market has grown from an estimated $4.5 billion in 2014 to $11 billion by 2022. Obviously, the greater demand for cloud-based security inspires more vendors to enter the cyber security game and enable the targeted industries to ensure regulatory compliance more easily.

Understanding the regulatory compliance

Among the recently launched secure cloud solutions, Salesforce Shield and Box Governance are designed to facilitate document management and communication, while minimizing the risks of data breach. However, gaining compliance extends beyond these basic processes and requires organizations to make sure their whole infrastructure is fully protected. Accordingly, they need to obtain relevant certifications such as FISMA, HIPAA, HITECH, PSQUIA, which are required in healthcare, federal and finance industries need to meet in order to ensure the safest possible digitization process.

compliance-cloud

In fact, these standards could be said to have completely redefined the role of an IT professional in the associated fields. As suggested by SecureLink, another major vendor that provides HIPAA-compliant solutions, “policies, procedures and access methods that may have been more than adequate a few years ago, may not be sufficient today.”

This is why the IT departments need to work closely with legal and security teams to ensure that all the IT components are integrated in a way that provides maximum security to sensitive data. Among the key processes, authentication, authorization and audit controls are essential to enaling a secure data flow. This means that IT professionals need to know exactly who and how accesses the organization’s networks in order to be able to early identify suspicious activities and prevent a potential breach. By providing the secure way to implement these practices, the new solutions mentioned above open the door to a true cloud innovation in regulated industries.

Conclusions

Although the cloud represents one of the most potent resources for reinventing IT infrastructure in large organizations, it is often associated with a partial loss of control over data security. Coupled with the general misinterpretation of client-vendor relations, this has been largely preventing more institutions in regulated industries to adopt the cloud solutions. However, the cloud standardization has come a long way, changing the opportunities for these industries. As the technology continues to grow in power, more and more institutions are embracing it as a resource for IT modernization. After years of accelerated adoption, it could be said that the year 2015 has finally brought a healthy focus on security that could permanently change the way we see the cloud.

By Sarah Green

Sebastian Grady

ERP Software License versus Cloud ERP SaaS Subscription ─ Pros and Cons 

Software License versus SaaS Subscription Your software is an asset. Software vendors such as Oracle and SAP are pressing customers to replace existing enterprise applications in order to move to the vendor’s new platform. Yet, ...
Flexiant Tony Lucas

There Are Still Opportunities For Service Providers

Opportunities For Service Providers Service providers (SPs) still have a golden, but short-lived opportunity to commercialize the $266.4 billion cloud services market before AWS and others call it “game over.” By being more agile, able to ...
Tesla Twitter

The Tesla Story The World Is Ignoring

The Tesla Story The World Is Ignoring Bugatti is one of the most recognized names among luxury supercars. After the founder Ettore Bugatti died, the company nearly disappeared in 1952. Until Italian businessman Romano Artioli ...
Juan Pablo Perez Etchegoyen

7 Security and Compliance Considerations for Cloud-Based Business Applications  

Security and Compliance Considerations There’s no doubt on-premises deployments of mission-critical business applications provide more control over data as it resides within the four walls of an organization’s network infrastructure. However, businesses can no longer ...
Internet Security

Firefox introduces Enhanced Tracking Protection for Desktop Users

Firefox introduces Enhanced Tracking Protection for Desktop Users Great news for Mozilla Firefox users as the internet browser rolled out its latest tracking protection features that make web surfing a lot safer. The new Enhanced ...

TECH ELEARNING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.