Organizations are rapidly moving critical data into the cloud, yet they still have serious concerns about security and other business risks. Read Bob Dimicco’s blog to learn several important steps companies can take to mitigate the risks of cloud services, such as uncovering shadow IT, assessing data security, and instituting cloud-specific employee policies.
As a business or technical leader, you know you need to protect your company in a rapidly evolving mobile ecosystem. However, threats are not always obvious. As malware and attacks become more sophisticated over time, business decision makers must work with technical decision makers to navigate security threats in a mobile world.
This blog series, authored by Kathy Trahan, will explore the topic of enterprise mobility security from a situational level and provide insight into what leaders can do now to mitigate risk. To read the first post focused on securing device freedom, click here. The second post, available here, focused on the risks that come with mobile connections. – Bret Hartman, Chief Technology Officer (CTO) for Cisco’s Security Technology Group
The Cisco Visual Networking Index revealed an obvious truth that none of us can deny—mobile data traffic is on the rise and shows no signs of stopping:
- By 2018, over half of all devices connected to the mobile network will be “smart” devices
- Tablets will exceed 15 percent of global mobile data traffic by 2016
- By the end of this year, the number of mobile-connected devices will exceed the number of people on earth, and by 2018, there will be nearly 1.4 mobile devices per capita
With the explosion in the number of smart mobile devices and employees increasingly taking advantage of BYOD, securing company and personal data in a world where the mobile endpoint is a new perimeter presents technical and legal challenges for organizational leaders.
What are some of the most prevailing challenges? The personal use of company-owned devices happens more frequently than IT may realize and a complex legal environment can leave both employees and IT confused on how personal privacy is being protected. It is important for human resources to weigh in here as well.
There is no disputing that both enterprises and service providers are embracing cloud. What’s different today is that not only are telcos cloud providers, but enterprises and governments are also becoming cloud providers through a community cloud model.
A community cloud model is a collaborative effort where infrastructure is shared and jointly accessed by several organizations from a specific group that share specific computing concerns such as, security, compliance or jurisdiction considerations. The community cloud can be either on-premises or off-premises, and can be governed by the participating organizations or by a third-party managed service provider.
A community cloud model helps offset common challenges across universities, government agencies and enterprises,such as cost pressures, technology complexity, and spending requirements, security concerns and a lack of sector specific services from service providers.
I recently had the chance to participate in a new Cloud Insights Video Podcast to discuss how CIOs can transform their enterprise IT delivery models and how Cisco is supporting service providers in developing their cloud execution strategies.
User Organizations Are Becoming Cloud Vendors
CIOs have recognized that greater business outcomes can be delivered for their customers by working together to resolve common challenges and realize common opportunities. It’s also becoming clear to them that using a community cloud model for cloud services is an innovative way to help deliver on these outcomes.
As we’ve worked with CIOs in governments and universities across various geographies, , we have focused on building a shared understanding of what can be achieved by moving common services, which are not seen as differentiated to the business, into a community cloud model. For example, all universities offer human resources as a service, and student enrollment services and financial aid services are not considered differentiated. So why not have it as a shared community service that reduces cost outlay and redirects the savings to innovative learning experiences for students?
Tags: CIO, Cisco, CiscoCloud, cloud, Cloud Computing, Cloud Insights Video Podcast, cloud security, community cloud, data security, IaaS, infrastructure as a service, Manjula Talreja, security, Service Provider
In today’s business landscape, cloud adoption and deployment is more than just a technical discussion. It’s really a choice about how to operate your business, regardless of what industry or vertical your organization is affiliated with.
However, as a former CIO, I understand that many CIOs are more concerned with the challenges they face when moving to the cloud than the benefits they can achieve.
For example, in the past, all of your company information and applications were locked-up behind a firewall. As such, none of your customers or remote employees could gain access to your network. Now, through clouds, you can put your business out in the world – where your customers, employees, partners and more can gain access. It’s truly making business more accessible, in an incredibly flexible way – but it can be a daunting process.
Recently, I had the chance to participate in a new Cloud Insights Video Podcast and share how all verticals face similar challenges when it comes to cloud. It probably comes as no surprise that the key areas of concern are security and privacy.
So, how can CIOs address these challenges?
Security and privacy are very real challenges, and it’s the CIOs job to address them, but he/she doesn’t have to go at it alone. Businesses should look for a cloud service provider to become a trusted business partner. When a business is looking for a cloud service provider to host its application or data, the main questions that arise are:
- How are we going to ensure security?
- How will I maintain control over the data and applications that I put in the cloud?
- How do I maintain visibility?
When these questions about control and visibility are answered, it inevitably leads to trust. And when a CIO feels there is a level of trust for information and application security within the cloud, it ripples down through the organization, ultimately empowering customer relationships.
It’s transformational when a CEO can say to customers, “We do have that level of control and visibility and you can look to us to take care of your information.”
As organizations in various verticals look to move past security concerns, CIOs need to find a partner they trust and start a conversation, they may be surprised at how quickly some of their concerns can be mitigated.
Visit Cloud Executive Perspectives to get additional cloud insights for IT leaders and subscribe to the Cisco Cloud Insights video podcast channel on iTunes or via RSS. Additional Cisco Cloud Insights videos can also be found here.
- Download this podcast
- View previous podcast episodes
- Subscribe via RSS to the Cloud Insights Series
- Subscribe via iTunes Podcasts to the Cloud Insights Series
- See highlights and key quotes from the podcast
In the same video podcast series: How Cisco IT Solved Its Internal Cloud Dilemma by Didier Rombaut via #CiscoBlog
Watch the Cisco Intercloud Workload Migration Webcast (available on demand)
Register today for the Cisco Powered Cloud Day at Cisco Live on Monday, May 19. The insightful day will focus on opportunities and challenges that can be addressed with cloud.
Watch Cisco Live’s Cloud Technology Trend Keynote – Aligning Your Strategy and Business for Cloud Success by Dr. Gee Rittenhouse and Faiyaz Shahpurwala on Tuesday, May 20 – 1:30 p.m. PDT.
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers for managed security and what to look for in a cloud provider can be found here.
In today’s workplace, employees are encouraged to find the most agile ways to accomplish business: this extends beyond using their own devices to work on from anywhere, anytime and at any place to now choosing which cloud services to use.
In many instances, most of this happens with little IT engagement. In fact, according to a 2013 Fortinet Survey, Generation Y users are increasingly willing to skirt such policies to use their own devices and cloud services. Couple this user behavior with estimates from Cisco’s Global Cloud Index that by the year 2017, over two thirds of all data center traffic will be based in the cloud proves that cloud computing is undeniable and unstoppable.
With this information in mind, how should IT and InfoSec teams manage their company’s data when hundreds of instances of new cloud deployments happen each month without their knowledge?
Additionally, what provisions need to be in place to limit risks from data being stored, processed and managed by third parties?
Here are a few considerations for IT and InfoSec teams as they try to secure our world of many clouds: