The Move From Working For IT Services to With Them

Having recently made a move from working for IT services vendors for many years, to work in a corporate IT department, I have to re-orient the way I think about a lot of things. One aspect that is great though is finding out that some things that I have believed to be true are now proving themselves to be completely correct – despite the hype often present throughout the IT industry. (The many things I’ve been wrong about we’ll delicately sweep under the carpet…).

In my new role, I am seeing real life cases of business units being able to innovate faster, accelerate towards their strategic goals, and scale to customer demands in ways they just couldn’t have done previously, all by using cloud computing. I am coming across previous cloud sceptics that have now realised that by having a lot of the daily maintenance tasks that used to consume their time, provided automatically as part of a broader cloud platform service, is freeing them up to do more productive and innovative tasks. But the biggest surprise of all was finding IT security professionals – working in what many people would negatively describe as a “regulated” vertical – who were completely open to using cloud computing!

For years I was led to believe, almost religiously, that there was no way InfoSec professionals in regulated industries would allow corporate applications to reside in a public cloud. “They just couldn’t” I was told with an aura of disbelief at even the utterance of such an absurd idea! But it just didn’t seem to ring true with the rest of the facts. Almost every story of a security or data breach that made it to the press, and there weren’t a shortage, seemed to reference internal data centres or careless use of mobile devices. Where was all of the data that was surely pouring out the back of the public clouds going to, and why was no-one screaming about it? And how on earth were the big cloud vendors claiming such growth when they were only being used for test/dev workloads, or by developers that were going rogue on their bulging personal credit cards?

[easy-tweet tweet=”The idea that cloud is inherently insecure is fast going the way of the minidisc ” hashtags=”Cloud, IT”]

Instead, I found an Information Security team that realise that not only is it possible to apply security standards and controls equally across the data centre and cloud but that in many instances it is both simpler and cheaper to apply the required security controls in a cloud environment. Why invest in, deploy, maintain, patch, and power separate solutions for each aspect of your security requirements onsite, when in the cloud you can often ‘check a box’, select a few configuration options, and you’re done?

The idea that cloud is inherently insecure is fast going the way of the minidisc – it seemed a great idea initially, but has been quickly proven not to be the case. But more than that, I think it’s probably now simpler to secure your data inside a cloud platform than it is outside. And I’m not even trying to sell you anything anymore!

+ posts

Meet Stella


Related articles

Strategy and anticipation are key to securing against cyber threats

With technological progress comes increased security risks. Sophisticated and co-ordinated cyber groups are working every day to find potential entry points into organisations’ networks.

Raising talent attraction and retention with IT investment

To be at the centre of talent attraction and retention, businesses should make use of workplace technology that enables them to integrate collaborative, secure and sustainable measures into their operations.

How NIST started the countdown on the long journey to quantum safety

Leading the charge to develop a post-quantum cryptographic standard for organisations is the US government’s National Institute of Standards and Technology (NIST).

Overcoming economic uncertainty with cloud flexibility

Particularly for companies that jumped into the cloud headfirst, taking the time to optimise existing processes is a remarkable way to reduce infrastructure costs and free up OPEX for delivering business value.

“The need for speed” – Finding a way to unlock agility for today’s businesses 

To fully support agility, the solutions chosen will need to enshrine all the latest innovations in areas like artificial intelligence, machine learning or prescriptive analytics.

Subscribe to our Newsletter