sb-au logo
Story image

Why security is critical during cloud migration

25 Feb 2019

Article by Ping Identity APAC regional director Geoff Andrews

The benefits promised by cloud – agility and economy – are key to competitiveness in the digital era but the transition process is often more complex and protracted than anticipated.

Managing cybersecurity in the interim can be complicated, without a robust IT identity platform.

Cloud head first?

Investment in the as-a-service computing model has soared in recent times, with 2018 spending on public cloud services expected to reach $4.6 billion in Australia, according to Gartner.

The same research report from Gartner cites that software-as-a-service comprises the bulk of the spend, at $2.597 billion, while platform-as-a-service and infrastructure-as-a-service accounts for a more modest $253 million and $536 million respectively.

At least one-third of Australian businesses now use commercial cloud computing services.

The majority of those are at the bigger end of town, according to the Australian Bureau of Statistics.

The hard-to-manage hybrid

Wholesale shifts from on-premises to in the cloud are the exception, rather than the rule.

It’s more common for organisations to dip a toe or a foot in the water before going all in.

Customised, business-critical applications are still running in-house in many Australian organisations, via either the data centre or private cloud, alongside SaaS offerings from new and existing suppliers.

Managing cybersecurity is not an easy undertaking when apps and data are stretched across a disparate array of infrastructure and networks.

In many instances, it’s not a short-term challenge either.

Determining the optimum cloud architecture for an enterprise’s unique business requirements in a rapidly changing commercial landscape and then putting it in place can take months and years.

Rising risks

While enterprises grapple with the challenges of digital transformation and the shift to the cloud, threats posed by hackers and cybercriminals continue to heighten.

Early in 2018, CERT Australia noted malicious cyber activity against Australian organisations was continuing to increase in frequency, scale, sophistication and severity.

The reach and diversity of adversaries are also expanding as hackers and cybercriminals continue to explore innovative ways to infiltrate government and private networks.

Meanwhile, beefed up data protection regimes, at home and abroad, have made privacy breaches a potentially pricey business and comprehensive security measures across the enterprise a more vital investment than ever.

February 2018 saw the introduction of new laws requiring Australian businesses with annual turnover in excess of $3 million to notify their customers and the Office of the Information Commissioner within 30 days of a suspected data breach.

Companies which don’t comply, or fail to remediate adequately, may be hit with fines of up to $1.8 million.

Further afield, the EU’s GDPR legislation, in force since May 2018, gives enterprises just three days to report and remediate breaches.

Serious non-compliers can be slapped with fines of up to 20 million euros or four per cent of global turnover, whichever is greater.

Switching safely

A robust hybrid IT identity platform designed to enable enterprise transitions can make the shift to the cloud smoother and safer.

It can be leveraged to connect users with applications, regardless of where identities are stored and applications reside.

With a robust system of protection in place which can straddle both off and on-premises infrastructure, Australian organisations are better positioned to pursue a move to the cloud with confidence, regardless of the route they take.

Story image
Veeam reports growth as demand for modern data protection increases
“Even with the unforeseen challenges and circumstances that began in early 2020, Veeam continued its rapid growth with its second consecutive year of bookings over $1 billion."More
Story image
Research reveals increase in critical, low complexity vulnerabilities
2020 saw a large spike in physical and adjacent vulnerabilities, likely due to the proliferation of IoT and smart devices in use and being tested by researchers.More
Story image
Millions of email attacks missed by organisations’ cyber security protection
"While organisations have invested in protection against email threats, many of these attacks slip through gateways, landing in users inboxes."More
Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More
Story image
Cybersecurity trends to look out for: Extortion among the top threats in 2021
Cyber-crime is evolving, driven by emerging trends — 2021 may be the first year when data extortion officially becomes the main threat to businesses worldwide.More
Story image
AppDynamics launches Cisco Secure Application to protect against vulnerabilities
AppDynamics, part of Cisco, has released Cisco Secure Application, a solution designed to simplify vulnerability management, defend against cyber attacks and protect applications.More