The cloud untethers businesses. It offers them freedom to rise above physical hardware and expand their global infrastructures through universally accepted applications that continuously improve almost every element of an enterprise—from operations and production to customer service and beyond.
Application architectures that run on cloud—even when working in concert with on-premises systems—accelerate digital transformation, engender responsiveness, and simply let companies compete harder and smarter than ever before.
But as we explored in the first of this two-part series, which looks at the potential of cloud technologies, businesses aren’t exactly leaping into the cloud. Instead, they’re slowly transitioning their operations from largely on-premises systems to hybrid-cloud architectures. And as they make these slow advancements, they’re discovering pain can accompany progress if they’re not fully prepared to handle data security in the cloud. Sensitive data must be fully protected if enterprises want to innovate without disruption.
Although the cloud offers freedom to use the systems and applications of many different providers, it’s a recipe for complex data security. Many organizations struggle to keep up with the many data-security strengths and weaknesses of different cloud vendors. On top of that, cloud changes how businesses oversee internal data security. With data everywhere in all sorts of cloud systems, they quickly learn that their data-security practices can’t stay rooted in the philosophies required for on-premises systems.
Here are three ways data security in the cloud can get stormy:
Data Security is Murky in the Cloud
Cloud providers offer businesses a bounty of technological benefits, but they sometimes come up short on data protection. For one, few cloud providers offer uniformity in their approach to safeguarding data. Security and compliance teams thus have to piece together disparate cloud-security policies every time a new cloud application or database is considered. More importantly, cloud-native data protection often doesn’t meet an organization’s demanding expectations. Companies can’t take chances with less-than-ideal data security.
Different Cloud Policies Slow Innovation
Businesses often can’t innovate because they’re busy tending to disparate data-security policy enforcement across their many on-premises and cloud-native databases and tools. With data-security administration decentralized, compliance and security teams scramble to align expectations for data privacy with the data-security policies of different vendors. An easy way to handle this lack of cohesion is to tighten access to data, but that slows the progress of those using cloud applications and programs in their workflows. Innovation then suffers.
Separate Responsibilities, Singular Problem
Businesses recognize the imperative to separate the duties of those responsible for the setting of data security policies and granting access to users. By splitting responsibilities, an enterprise ensures that no one person or department has the keys to security. Dividing duties also expands the audit process; policies and permissions can be double-checked by those removed from decisions. Many companies charge security with establishing data-security policies, while IT delegates access to data. Although this separation might strengthen a company’s data-security posture, having more people—in other words, more required permissions—can slow work, development and, ultimately, innovation.
Business lines and employees can wait weeks for permission to access sensitive data that needs to be quickly fed to analytics or used in container development and DevOps. Delays caused by excessive layers of data protection are just the sort of thing that enterprises can’t afford as they strive to drive the pace of competition.
Companies need to discover sensitive data in their many cloud applications and platforms so it can be protected and innovation can proceed uninterrupted. Data offers value only if it’s discovered, classified, and protected, otherwise it “sits around” untapped. It’s a huge challenge to keep tabs on all the data migrating to the cloud—often spanning multi-cloud environments—and being generated in cloud-native databases.
When classification and discovery can offer a comprehensive view into where all of the data is—no matter the cloud platform, application, or vendor—companies can then choose which data-protection strategies best meet their regulatory obligations and customers’ demands for data privacy.
Data security that’s easy to control also eliminates the long wait that businesses often experience as beleaguered security and compliance teams work slowly to sift through data to determine what data is free to be used in analytical processes. Through such control and choice comes confidence: Gone are the days of enforcing restrictive security policies that delay analytics-based projects, and gone are the days of loosely enforcing policies so that analytics can proceed—but at great risk to the sanctity of sensitive data. Instead, businesses can confidently align security practices with the ways in which they innovate with cloud.
To achieve all of that, they first need a data-protection platform that streamlines data-security policy management and secures all types of data in all kinds of cloud environments. That kind of a platform helps create iterative, comprehensive data-protection strategies that proactively ensure the privacy of data and safeguard the cloud-driven initiatives that fuel innovation.
A survey conducted by the cloud provider Flexera shows that, despite businesses’ relative slowness in moving workloads to cloud, they are nonetheless expanding their use of cloud overall. Ninety-three percent of enterprises have a multi-cloud strategy, while 87 percent have a hybrid-cloud strategy. The survey also illustrated what many companies want out of cloud: the opportunity to tap new technologies to put data to use in new and exciting ways. Indeed, the top growing PaaS uses, according to the survey, are, in order: IoT containerization, and machine learning and AI–initiatives that uncover, coalesce, analyze, and act on data.
Yet, if data can’t be protected—no matter what it’s doing in the cloud—innovation might as well be a dream in the clouds.