App Direct CEO

How to Transform to Succeed in the Digital Economy

Succeed in the Digital Economy In today’s increasingly competitive business climate, companies must put digital technologies at the core of their operations. In order to avoid the same fate as companies like Sears or Yellow Cab, businesses must digitize -- from their internal processes to
/
Mark Casey Apcela

After the SD-WAN: leveraging data and AI to optimize network operations

AI to Optimize Network Operations Increasing numbers of companies have implemented SD-WAN technology, thanks to benefits like higher performance, lower cost, and greater business agility compared to WAN services built on MPLS. But industry experts note that there can be a reality check after the
/
visual-security-data

The Soft-Edged Cloud: A Security Challenge

The Cloud Security Challenge

The use of the term “cloud” to describe global, offsite, computing and storage technology is apt for a number of reasons; not all of them good. The metaphor succeeds largely when people visualize their data hovering over their heads, no longer tied to a single location, and consequently easy to access from anywhere. But there are other parallels with actual meteorological clouds, specifically their soft, amorphous shape. This causes problems in perception and definition, which naturally lead to potential difficulties with security.

ISC 2 - CCSPDavid Shearer, CEO of cyber, information, software and infrastructure security certification and education body (ISC)2, points out that the enthusiasm or pressure that companies feel to build their businesses quickly into the cloud can potentially lead to a fundamental weakness. “The easier it becomes to purchase cloud solutions,” he says, “the easier it is for organizations to get ahead of themselves. Business lines within a company can easily acquire cloud-based services, and the fast time to acquire and provision cloud services is extremely attractive. Any organization would be crazy not to take advantage of that.” Shearer points out, however, that when a company elects to leverage cloud solutions and services, management needs to be smart about it; and part of that includes proper and continuous security measures:

As recently as a few years ago, security was looked at as a hindrance; something that got in the way. In these situations, sometimes bad things needed to happen for people to pay attention. In the C-suite, if nothing else, CEOs and CxOs are losing their jobs for a perceived lack of due diligence and lack of strategy to protect a corporation’s intellectual property or personally identifiable information – and that gets people’s attention. Increasingly, what is needed is better communication between those actually responsible for making security work, and the C-suite.

In addition to the lack of clear comprehension of cloud in the executive office, there is also a similar disconnect throughout other levels of business.

Defining The Cloud

Adam Gordon is an author, subject matter expert and instructor at (ISC)2. He illustrates a significant challenge to cloud security being the definition of cloud itself. There’s a great interest in anything and everything cloud,” he says, “but the problem is, as individuals and as businesses, we don’t always understand what cloud means. As a result, there tends to be a gap, where consumption is a lead indicator and security is an afterthought.” It is ill-defined in many people’s minds, Gordon adds. “Many people look at it as a marketing slogan or a marketing solution, but they don’t really get it. As a result, I think one of the biggest issues that we face, as security professionals in the cloud, is the idea of how to create a common ground in terms of what it is we are talking about and how we will frame conversation around risk, liability, security, and things that go with that.”

Yet a third challenge to effective understanding of the cloud is the change of mindset needed, especially among managers and decision makers who spent their early years in the company of mainframes, dumb terminals and internal networks. For many, there is a pervasive, almost instinctive sense that data and computing systems are physically safer when they exist inside the actual walls of a company where they can be seen and touched. The notion of storing data on someone else’s computer somewhere in the world just does not feel right. The truth is that data is generally safer when transferred to the vaults of a cloud organization whose sole mandate is secure storage, but adherence to ideas from an earlier age is a very human attribute; one that never fully disappears.

Mobile Employees

Finally, there is the relatively new phenomenon of mobile employees who see their smart devices as their office, and who expect to use them at home, at work, and in public spaces like coffee shops and transit terminals, accessing Wi-Fi connections with little thought as to security. This soft, boundary-less setting has a direct parallel to actual clouds. Where, after all, does work-related security begin and end, when the device being used shares storage space and connectivity with personal files and pursuits? Adam Gordon worries that enabling individuals to work productively in these non-traditional environments with equally non-traditional capabilities and platforms opens up a collection of unknowns in terms of security and the individualized approach to data.

The softness of the cloud reinforces the need for a new type of security specialist; someone with the experience and wisdom to stay on top of a fast changing environment, and with the skills to communicate the necessary directives to the executive as well as to the rest of the IT team. This is the reason behind the development of the CCSP designation. The cloud will only continue to grow in size and versatility. Successful usage must involve a sound and ongoing security strategy across all levels of operation.

For more on the CCSP certification from (ISC)2 please visit their website. Sponsored by (ISC)2.

By Steve Prentice

  • Steves Articles
Senior CloudTweaks Writer
Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.
follow me
Daren Glenister

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent of organizations store sensitive information ...
The Massive Growth of the IoT Services Market

The Massive Growth of the IoT Services Market

Growth of the IoT Services While the Internet of Things has become a popular concept among tech crowds, the consumer IoT remains fragmented. Top companies ...
The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which cloud" is now the center ...
BBC Tech

New Twitter algorithms aim to stamp out trolling

/
A new tool can identify Twitter accounts engaging in bullying with over 90% accuracy, according to researchers. Its algorithms classify two specific types of offensive online behaviour - cyber-bullying and ...
IBM News

Being human in the age of AI

/
Will AI take over the world? Or, more to the point, will it take over the humankind? It seems to have invaded the public consciousness, sparking concerns that AI will ...
Wired

Amazon and the All-Electric Future of Fleet Vehicles

/
Fleets, like the 100,000 delivery vans the retailer ordered from startup Rivian, will make electrics seem more commonplace, and easier to charge. Let’s put Amazon’s order for 100,000 electric delivery ...

TRENDING | TECH NEWS