The technological “Eldorado” promised by the cloud is turning into a pitfall-strewn labyrinth for many companies. However, lured by the promise of a more flexible environment and greater availability, we have all decided to head down that road. And there is no turning back now.
According to the International Data Corporation (IDC), in 2021 only 50% of the current physical infrastructures will remain, while the other 50% will be divided equally between the private cloud and the public cloud. What conclusions can we draw from this data?
Immediate Takeaways
First of all, while at first glance it may look like a migration of services, we are actually seeing companies growing in the cloud. In other words, new services are being hatched natively in this environment.
Second, hybrid environments will continue to exist for at least another decade.
Third, we are not only witnessing a migration to the cloud, as some
services that were hatched in the cloud are migrating to on-premise
environments. This happens when a service is highly successful and the costs of
keeping it in the cloud are greater than having it on-premise.
[You may also like: Excessive Permissions are Your #1 Cloud Threat]
This is what is creating the following
scenario. Companies see the cloud as a
tool, not a definitive technological step, and it is taken for granted that
they will have to live together in hybrid two-way environments (at least in the
next decade). What’s more, while there is no denying its usefulness due to its
growth-supporting capabilities and flexibility, it also implies a certain level
of complexity in terms of administration and security policies.
Until now, the architectures were protected
with a physical security perimeter that clearly differentiated the internal
user from the public user. With the cloud, there are no longer any secure or
insecure areas: we are all on the same perimeter. This means that we are faced
with a double challenge, on the one hand, secure administration of the
environment and, on the other, access control, i.e. “human error” is now the
greatest vulnerability of our architecture.
[You may also like: Transforming Into a Multicloud Environment]
What is the First Step Towards Cloud Migration?
Although it should always have been the
case, it is only now that the design of the solutions is coming into its own.
This makes the containers the perfect tool to create much more limited
technological “microenvironments”, which allow the creation and destruction of
complete architectures in a few steps.
What Tools are Technology Manufacturers Proposing in Support of This Process?
One of the big changes that will occur in
companies that offer technology products (whether hardware, software or both)
is the form of licensing. It requires a flexible pay-per-use system, or
fractioned payment, which makes it possible to move our product autonomously
between different environments without higher charges for our customers. Of
course, these licensing systems do not only concern the software, they must
also cover the hardware.
Security IN the Cloud? Or Security OF the Cloud?
The cloud that we have described above is a relatively complex scenario, riddled with challenges, especially when it comes to security. But we must not forget that the cloud also provides us with a fantastic “umbrella” against new types of attacks thanks to AI (artificial intelligence).
[You may also like: Managing Security Risks in the Cloud]
The technological muscle of the cloud offers two fundamental advantages: enormous computing capabilities, as well as instant access to hundreds of known attack databases and zero-day threats. These two attributes are changing the security model, as we now have much more effective measures against attacks that a few years ago were almost unstoppable (botnets, Ransomware, DDoS, etc.).
How Should We Prepare for This Migration?
We, the companies that offer technology
solutions, must take on board the fact that customers face two problems. On the
one hand, there is the classic problem involved in any technology migration,
but there is also a new stumbling block: calculating the costs of moving to the
cloud, as well as the costs of returning from the cloud. This is the point that
tends to be overlooked in all projects.
Who is Set to Gain from These Changes?
Without a doubt, the customer. Companies
will be able to offer much more ambitious SLAs, as well as more robust and
accessible services.
[You may also like: Application SLA: Knowing Is Half the Battle]
And the Next Step?
New communications protocols such as 5G (or the highly anticipated IPv6) will offer greater granularity of communications, allowing much more dedicated services. We also have the “blockchain”, a data structure taking the issues of encryption, visibility, trust, etc. to an incredible new level. Two new players in the game whose solutions will be as significant as the challenges they bring to the table.
Far from complaining about it, we, for one, are getting ready to party.
Note: This was originally published on ISMS Forum.
Read “Radware’s 2019 Web Application Security Report” to learn more.
Download Now