Cybersecurity evolving as cloud platform use matures

25th October 2019

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

Moving data, workloads and business applications (apps) into and out of cloud service platforms, which must be addressed by cybersecurity solutions, is part of the maturing use of cloud by businesses, says cybersecurity Europe, Middle East and Africa Fortinet chief information security officer evangelist Alain Sanchez.

Companies are using cloud platforms to test new services and processes at scale in addition to more typical outsourcing models, but are also bringing some of these services back into their own information technology (IT) environments once the tests are complete.

This information is derived from the global IHS Markit survey, commissioned by Fortinet, which found that 74% of IT decision-makers in 350 companies had reintroduced elements that had been kept in the cloud to their companies’ premises. Forty percent of these actions were planned, indicating the maturing use of cloud systems.

“We believe that this is part of a virtuous cycle where the cloud serves to probe and test at scale innovations that companies develop,” he says.

It is not always possible for companies to accurately predict how quickly an application will be adopted by clients without testing at scale, but it is easy to build apps in the cloud to monitor crucial performance metrics using the analytics tools and modules in place in cloud systems.

These cloud tools enable companies to get a sense of how well a service or product will perform and how quickly it may be adopted, while having a test environment with known and controllable operating costs, explains Sanchez.

“This enables project managers and developers to gain performance statistics based on large-scale implementation trials with which to illustrate their projects and proposals to the board or executive.”

Once a project is approved, many of these tests are taken out of the cloud and brought back into the company’s environment.

“While this phenomenon does not change the fundamental value proposition of the cloud or its anticipated continued growth, it does illustrate that cybersecurity solutions must protect data even when it is moved between elements in hybrid IT environments and/or cloud platforms,” emphasises Sanchez.

Cybersecurity officers recognise that data is the ultimate asset, and must be protected beyond even the network’s perimeter and the datacentre.

“The physical location of IT hardware is irrelevant and all data must be protected. However, other pressures are also placed on cybersecurity officers, such as CFOs advocating the use of the cloud to save costs.

“Putting some elements into the cloud and then bringing it back is healthy for businesses on one condition: that cybersecurity cannot be compromised whether the data and elements are in-house or moved between external service providers,” he says.

Manually reprogramming all security policies for each element as it transits between datacentres is not a solution; it would also limit the benefits and flexibility afforded by cloud platforms in addition to compromising cybersecurity.

Any cybersecurity solution must allow for one governing policy to be applied to a type of application, such as a simple spreadsheet or business information app, across all platforms.

However, it is not possible for, or realistic to expect, any cybersecurity solution to guarantee security in all environments. Fortinet’s Visions cybersecurity solution is also designed to function as a security hypervisor to manage cybersecurity policies across platforms and ensure that such policies follow the apps and data, even in conjunction with other solutions.

Therefore, Fortinet has focused on leveraging its core expertise of protecting various IT environments to develop the Fortinet Security Fabric platform and enable companies to better manage their data and cybersecurity in complex, modern IT environments, concludes Sanchez.

Story highlights:

* Companies are using cloud platforms to test new services and processes at scale and cybersecurity solutions must protect data in all environments and during transitions.

* Cybersecurity solution must allow for one governing policy to be applied to a type of application across all platforms.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

The functionality you are trying to access is only available to subscribers.

If you are already a subscriber, you can Login Here.

If you are not a subscriber, you can subscribe now, by selecting one of the below options.

For more information or assistance, please contact us at subscriptions@creamermedia.co.za.

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION