Do the security benefits of cloud migration outweigh the downsides?
A lot can change in 18 months – and that includes how organizations have come to view a workload migration to the cloud. At the beginning of 2020, senior managers largely viewed remote working as undesirable and prone to abuse, resulting in poor productivity amongst workforces. Fast forward to today and things look a little different. The pandemic has elevated remote working to the de-facto approach for businesses globally, dispelling age-old myths and transforming the way millions of people work, possibly forever.
Businesses must now give employees access to the tools and applications they need to do their jobs outside the typical office environment. How do businesses do this? By embracing the migration to the cloud as necessary – a shift that requires a total reboot of policies and security tools suitable for the modern remote workspace. And it doesn’t stop there. If they haven’t already, endpoint protection services must also move to the cloud to ensure ongoing data protection.
Few businesses would choose such timing or process for their migration from on-premises to cloud. Yet the benefits are undeniable. Furthermore, the explosion of cloud-native apps released throughout 2020 and 2021 means ample cloud choices when it comes to tools that can boost both productivity and capability amongst remote workforces. Still undecided? Read on to understand the biggest advantages that switching to cloud-based services offers:
However you look at it, cloud services are much more affordable than on-premises alternatives. When you purchase on-premises infrastructure, you own it outright, meaning you are responsible for all of its ongoing costs. When migrating to the cloud, however, you shift many of the maintenance, updates, and other costs to the provider. You also do away with many indirect costs – such as power consumed by on-premises hardware and the expense of its physical space. There are no upfront capital costs either, as the subscription model used by most Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) providers appear as monthly fees that are rolled into ongoing budgets, making pricing both predictable and transparent.
Speed, agility, and scalability
Although it’s tempting to cling to legacy software, it isn’t advisable – particularly when it comes to security solutions. Evidence shows that on-premises security solutions can severely hinder a business’s ability to support employees working remotely, impeding productivity in the process. What’s more, solutions set up to block endpoint threats like malware and exploits in on-premises networks aren’t particularly helpful if users are no longer working at the office.
Getting rid of old software and platforms not only helps remove bottlenecks to employee productivity, but also keeps them safer because outdated on-premises setups are prime targets for hackers.
Cloud services are not a total silver bullet when it comes to hacking, but they help. According to Verizon’s 2020 Data Breach Investigations Report, only 24% of breaches over the past 12 months were related to cloud environments, while 70% of breaches hit on-premises environments.
Furthermore, technology inherent in cloud solutions like AI, machine learning, and so on, can prove invaluable when it comes time to scale up, particularly for smaller businesses.
Inherent security – and compliance
While many businesses had early reservations about cloud security, this is no longer the case. In a recent IBM survey, more than 150 top enterprise executives said they planned to migrate 75% of their non-cloud apps to the cloud over the next three years.
Why? Because cloud providers offer much more robust security measures in place than organizations themselves can manage. After all, cloud providers focus exclusively on ensuring the integrity of client data and providing the most up-to-date security available. Moreover, cloud security providers must also ensure data is compliant with all relevant regulatory requirements, such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI-DSS), further mitigating risk.
Cloud migration can also help maintain a more robust cloud security posture by freeing up resources. With the right controls, applications, policies, and technologies in place, businesses can tackle multiple security priorities: protect intellectual property, fend off both external and insider threats, and gain much-needed visibility over their environments. Indeed, in a recent Cisco CISO benchmark study, 93% of CISOs agreed that moving security to the cloud increased their organizational efficiency, allowing security teams to focus on other key areas.
Migrating to the cloud can be a daunting prospect at first, but it’s becoming an increasingly important and necessary one. To make this shift effectively, businesses must do their homework and find/create the right model for them. Once they do so, the rewards are immediate. It’s taken a global pandemic to give some businesses the push they needed, but it’s safe to say very few will be returning to on-premises solutions – even if office-based working eventually becomes the norm again.
Article contributed by Tim Bandos, CISO and VP Managed Security Services at Digital Guardian
30 November 2023