Moving to the cloud securely remains a significant challenge of flexible working

By Scott Dodds, CEO Ultima.

  • 3 years ago Posted in

While the end may be in sight for full-scale remote working, most companies are looking to continue with flexible working in some form or other. The benefits that both employers and employees have reaped in terms of cost reductions and flexibility are unlikely to be given up quickly. But in a recent survey of customers, Ultima has found that many challenges still exist for companies if they are to embrace flexible working successfully in the long-term. 



The pandemic has forced many companies to innovate at an unprecedented rate, and digital transformation has moved on in a year to a place it would have taken five or more years to do. But many businesses are still struggling with the new normal. They have become more susceptible to cyberattacks, and poor IT infrastructure has resulted in poor employee experience causing productivity and profits to fall.  

In a recent survey of over 200 prospective customers, Ultima asked about the challenges they were facing due to current requirements for remote working. Nearly half (41%) cited security concerns as an issue and 17% application access.  

IT infrastructure is a cause for concern too. While many companies have embraced the advantages of cloud computing during the lockdown, over a third (37.5%) of respondents, don’t believe they have the capability to move to the cloud. There were a variety of reasons why the respondents don’t think they have the capability, with 16% saying it was due to legacy applications and another 16% saying it was due to budget constraints or challenges. A further 12% per cent blamed lack of in-house technical expertise and another 10% on investment being made in on-premise infrastructure.  

The pandemic has created exponential growth in companies requiring cloud services, but their IT staff don't have all the technical skills to effectively and safely move them to the cloud. This leaves companies open to security vulnerabilities as well as meaning they are not optimising their cloud environment. 

While many businesses have risen to the challenges of remote working, infrastructure and security remain an issue. But automated cloud services with in-built security solutions can solve these problems. They can be bought on a pay-as-you-go basis, addressing large CAPEX outlay issues and allowing companies to overcome legacy application issues and provide security that protects both employee and company from outside attack. 

Lack of capability and capacity solved  

For those companies who’ve still not made the leap to the cloud, automated cloud migration services exist that can overcome the financial and skills shortage barriers to entry. Managed Service Partners (MSPs) can provide technical expertise and technical solutions to make this possible. The results of moving to the cloud can be spectacular too: from an average 30% reduction in expenditure and up to a 750% increase in productivity. They also have no upfront costs.  

Using Microsoft Azure's open and flexible cloud computing platform, for example, combined with automated migration, you no longer need to look after and buy hardware, or sort out power and cooling. Your IT infrastructure and security can be run on a pay-as-you-go basis. And if you need increased capacity, automation means you can extend your on-premises data centres and infrastructure to Azure within a few hours, providing the extra capacity required for critical systems and applications. 

Poor security solved  

We know that traditional security solutions don’t work well in the cloud. When customers move to the cloud, they try and take their traditional security solutions with them. But as the cloud works in a very different way to on-premises, this leaves companies open to vulnerabilities. You need a made for purpose solution, based on cloud security best practice. 

With the latest automation technology security and monitoring solutions are automatically applied to existing and new workloads. It scans the collected data and includes proactive monitoring around security events that will let you know exactly what’s happened in clear-to-understand alerts, and where action should be taken if needed, covering critical areas such as anti-malware. IT staff can view in real-time their security and compliance reporting. Soon we will be able to scan a customer’s environment for security-related bad practice or incidents and make recommendations on how to fix them and even give them a score as to how they are doing.  

At Ultima, we’ve also found that on moving to the cloud customers have poor visibility of what is going on in their environment. We know about 25% of companies don’t even realise they have high severity patches missing. This is down to a skills shortage and a lack of time – as patches are often done manually.  

With automated cloud services, patching happens automatically on repeat and even scales as your infrastructure grows. If a patch is due and fails for whatever reason the system will automatically create an alert. This information will go to the third line technical team, and they will investigate it themselves, whether that’s your MSP or your own IT staff. The time savings to the IT department are huge – often 100’s of hours a year - enabling them to focus on other projects and have peace of mind about security. 

Traditionally, you would do a true-up every month or quarter of your IT environments to bring new things, including security issues, to the management. But when you are in the cloud, you can spin things up so fast, that you will have a gap if you are only doing a true-up every month or quarter. With an automated service, you can automatically onboard things, so you don’t have to wait for the true-up process, which means you have a more proactive security service and less vulnerability. We’ve found that customers who are using automated cloud services have a 66% reduction in security incidents.  

Lack of visibility of critical data solved  

With ever increasing cloud resources, it can be hard to get visibility into your cloud infrastructure. The technology exists now to automatically scan and configure your cloud resources with centralised logging and telemetry capabilities. As your environment grows, this process repeats itself automatically as it scans and configures itself when new resources are added. This means that all logging information is available, and you can also see on one dashboard insights into your security posture. Usually, it's hard to see what's happening from a security perspective – what data is coming in and going out, top destinations, any malicious activity detected in the last 24 hours, etc. Automated services give customers a dashboard that centralises all the information to see what is happening in a simplified format and how your infrastructure is performing at a high level.  

These new autonomous cloud services enable companies to free up 100's of hours of IT staff time and reduce security incidents. Moving to the cloud has previously been a struggle for some companies as costs escalated for support, maintenance and security. New technology has changed that and is ensuring security and infrastructure are no longer barriers to successful cloud deployments and productive, flexible working.  

 

By Andy Mills, VP of EMEA, Cequence Security.
By Paul Birkett, VP Strategic Portfolio Management at Ricoh Europe.
By Liz Centoni, Chief Customer Experience Officer, Cisco.
By Lars Rensing, CEO of Protokol, DPP Solution Provider .
The IT world is moving faster than it has ever been. As a manufacturer, the only way to compete and...