THE FUTURE FOR CYBER SECURITY

A study entitled, State of Cyber Security 2017, performed by ISACA (Information Systems Audit and Control Association), suggested that cyber security staff are becoming increasingly difficult to find in such a rapidly expanding and evolving field. The report was based on a survey of 633 cyber security specialists across North America and Europe, with 27% stating that they were unable to fill open cyber security positions in their businesses and another 14% unsure as to whether they would ever fill those positions...

5 Tips For Improving Enterprise Cloud Success In 2017

Improving Enterprise Cloud

There has been an increase in the adoption rate of cloud technology to help businesses keep capital investment and maintenance costs down while benefiting from flexibility and rapid up and down-scaling as needs dictate. However, to maximize the benefits of cloud, companies have to overcome a number of challenges and mitigate various risks. As plans are drawn up for 2017, it is worth considering these tips for improving cloud success in the enterprise.

Cloud Challenges

Proactively addressing cloud-related challenges will help companies realize greater benefits across their infrastructure, IT strategy and business deliverables.

Security is an obvious one. Too often, businesses leave the question of security to their cloud service provider (CSP) and don’t fully integrate their cloud security strategy with their overall IT plan. This is a mistake. The cybersecurity strategy of the business has to be approached as a top priority, all-inclusive, comprehensive plan.

This brings us to the second issue, which is clarity and transparency. A clear understanding of the roles and responsibilities of the business compared to those of the CSP is essential, as is knowing where the boundaries and handover points lie. It also means including the provider in corporate policies, training on security and reviewing and testing the security plan – end to end – frequently.

The third is regulation – another oft-cited challenge. This complex area is constantly evolving and companies must stay abreast of the changes that apply to them as well as the steps they need to take to be compliant. This includes the storing, transferring and removal of data according to data protection laws. It also includes understanding security tactics, such as encryption, which is required for each type of data in terms of who applies this and how it is implemented.

Then there is getting the perfect balance internally when it comes to governance and control of the enterprise’s cloud investment. Ultimately the decision to procure a cloud service provision is a business one, but how involved is IT? Involving the IT department from the beginning is crucial. Ultimately, it is important to have their queries resolved so that they achieve a total understanding of the cloud in the overall schema and the integration points between it and existing systems and processes.

Unleashing DevOps

Forrester Research projects that agile and DevOps methodologies will dominate next year. Having gained experience of waterfall and agile concept to market methodologies, businesses are keen to broaden design and delivery processes to embrace the whole organization. The role of cloud – as a significant component and facilitator in the business’ systems and operations – is an important part of this.

Operations and development working together in an agile way to design, develop and implement solutions according to customer requirements will unleash a swell of opportunities. However, the environment needed for this collaboration will only come as a result of organizational design, policies and processes as well as example-setting and culture development by senior management.

Five Tips

Against this backdrop of challenges and opportunities, companies should review these five tips for improving enterprise cloud success in 2017:

1. Be Demanding – The gap between what cloud solutions provide and what companies need in order to grow and compete is widening. Companies need to demand continuous development and improvement from their cloud solution in order to yield results.

2. Be Self Independent – In order for DevOps to flourish, companies cannot be dependent on CSP vendors – not for the delivery of a roadmap and not for day-to-day updates. Most CSPs provide a set of DevOps tools but if IT isn’t involved enough, or early enough, in the vendor discussion these won’t be made best use of.

3. Be Collaborative – Being demanding and independent doesn’t mean shutting the CSP out. Companies should encourage their provider to unleash their own DevOps capability too – next-generation cloud services are more configurable and companies need to work with their CSP to ensure they get full benefit of this.

4. Be Opportunistic – Enterprise software is rapidly morphing into something similar to an app. Take Office365, the cloud-based Microsoft solution; with it comes the capability to rollout new functionality really quickly such as in-company directory search, without waiting on any vendor to deliver it. Companies need to leverage the functionalities that are out there.

5. Be Compliant – Organizations need to expect a fully rounded solution from their cloud service; not just one that checks all the technical boxes, but one that ticks the business boxes too. And central to this is governance, risk and compliance. A complete cloud solution needs to cover all the aspects of regulation and compliance within a trusted partner relationship. Companies increasingly entrust their most confidential information to the cloud; as it grows to comprise a large proportion of the company’s IT footprint, it becomes a core application and must be treated as such.

In 2017, the challenges companies face from complicated IT infrastructure and systems will continue to be rise. Many of these challenges are met by ensuring security, meeting the demands of evolving regulations and optimizing processes across the organization.

To benefit from the latest methods of fast and agile development with a firm-wide approach, companies need to take advantage of the capabilities that are easily available to them as well as work more collaboratively with providers. By heeding these tips for improving cloud in the enterprise in 2017, businesses can protect current delivery and enhance future performance.

By Vidya Phalke, Chief Technology Officer, MetricStream

About Vidya Phalke

Vidya Phalke is responsible for MetricStream's technical architecture and strategy. Prior to being promoted to the CTO position, Vidya served as Vice President of Product Management and Engineering where he was responsible for MetricStream's Software Products and Platform Delivery. Starting with MetricStream in 2003, Vidya has been instrumental in developing an industry-leading GRC software platform. Before joining the software industry, Vidya earned a PhD in Computer Science from Rutgers University, where he won two Small Business Innovation Research grants for his research on databases and network optimization.