It comes as no surprise that cloud has become one of the most talked-about topics in the industry given the pressure that CIOs and their teams are under to improve ROI and reduce TCO. According to analysts at IDC, public cloud spending is set to grow by an incredible $122.5 billion this year, which is a 25% inflation from 2016. Nine out of ten organisations are now using cloud-hosted apps and services, some likely without even knowing, it as they upload photographs onto their company Twitter page or log sales into Google Docs.
The concept of the cloud was invented in the 1950s in the form of mainframe “time sharing” which saw multiple users sharing mainframes for data access and CPU time. The cloud in its modern form then emerged at around the same time as the internet in the 1990s and was so named by Professor Ramnath Chellappa. In a paper that he presented in Dallas in 1997, the Professor quite aptly defined cloud computing as a “…computing paradigm where the boundaries of computing will be determined by economic rationale rather than technical limits alone.”
According to a study conducted by the Cloud Industry Forum, it appears that Chellappa was spot on. Less reliance on data centre hardware and the advent of cloud-based subscription service programs has resulted in 60% of businesses now claiming to save money because of the cloud. In addition to helping organisations save money by purchasing less, the cloud also helps businesses save money by improving efficiency and accessibility to a vast spectrum of shared resources.
Maybe all these numbers won’t come as much of a surprise to IT Pros. It is fair to say that along with the internet, the cloud has fundamentally changed how we work today.
So, what’s the problem?
Whilst the above statistics seem to portray the cloud as a widely embraced service, there remains some apprehension around what, when and how much data businesses should be migrating to the cloud. One of the biggest concerns is data privacy and security. Namely, some people don’t think the cloud is secure enough to be trusted with their data – and the thought of implementing their own security tools within the cloud is too much to handle. Duncan Brown, an analyst at IDC whose forte is data security, supports this argument by suggesting that there are three “P’s” holding people back from moving wholeheartedly to the cloud: Privacy, Perception (of the reputation of cloud service or cloud security service), and Paranoia.
So, whilst the cloud hugely benefits organisations in terms of efficiency and flexibility, organisations can perceive security as lacking within the cloud, either bolted haphazardly on to strategies as an afterthought or worse, left out altogether. When considering the vast quantities of often incredibly sensitive data that are stored in the cloud, the lack of well-thought-out and integrated security plans is a worrying prospect, particularly with the growing security threat landscape which lives to seek out and exploit organisations’ vulnerabilities.
Security and ITSM Uniting Within the Cloud
A lingering reason why some people aren’t getting the most out of the cloud is the struggle with trust. However, in practice, we increasingly understand that data entering and leaving the cloud is subject to the same level of scrutiny as any other data entering or leaving the network, and in some cases subject to a higher standard. Critical network security such as firewall, asset management, application control, and AV are employed in combination to provide that level of scrutiny.
An integrated ITSM and security solution is capable of improving operations for IT management and IT security, as well as for business efficiency as a whole. IT Service Management plays a vital role as it often represents an early warning mechanism capable of identifying incidents which can represent a potential threat that could impact a cloud-based service. If working properly as an extended team, the service desk can quickly alert the experts if a risk is identified with a local or a cloud-based service… In many cases an action must be taken, quickly deploying a patch for example, and this sequence is best performed by the service desk, operations and security teams working closely together. Taking this a step further, the action can be requested through the Service Catalog which then employs automation tools and enforces audit and governance standards thus permitting the organisation to execute both quickly and in the best possible manner.
In a unified and coordinated IT operating model, the service desk would help facilitate a culture of security awareness within the organisation – monitoring user behaviour and quickly identifying risky actions are just two examples of this growing awareness.
Once organisations start better understanding how to best leverage Cloud based systems, and the inherent strength of a layered, unified service management and security service, any lingering fears around cloud usage will fade away and lead the way to further business efficiencies uniquely associated with the many benefits of Cloud.