Earlier this year I was given the opportunity of presenting the concept of cloud computing to delegates from the Chemical industry. I remember when I put the title slide up, and then made the bold claim that – Cloud computing, and in particular public Cloud Service Providers should be considered for ALL sectors even those securing industrial control systems and the broader ‘Critical Infrastructure’ industry.
I don’t think I was universally liked at that moment.
Perhaps I should try and explain before I alienate all readers, by no means am I saying that all data must be moved into a public cloud, nor am I saying that no data should be moved to the public cloud. The first thing that needs to be considered is the concept of legal and regulatory obligations. There may be some data that needs to sit within certain geographical boundaries, and if you cannot assure where the data will ultimately reside then it may not be possible to work with certain service providers.
Of course the next point becomes key; ‘Risk Appetite’. Of course this concept is not new, but ultimately how much risk are you willing to tolerate? Of course this will vary on the type of data you have, and the potential impact of such data being unavailable, losing its integrity, or being publicly disclosed. The presentation I delivered fundamentally focused on this concept, whereby there will be many data sets within an organisation that could be managed by third parties, but equally certain data sets that demand the level of transparency required when hosted internally.
In 2009, when I worked with the European Network Information Security Agency (ENISA), on the paper entitled ‘Cloud Computing Risk Assessment’ we considered the use case of cloud computing within an e-Health context. We then followed up in 2011 the paper ‘Security and Resilience in Governmental Clouds where we identified that there were “major weaknesses of a public cloud solution for governmental organizations are related to the lack of governance, the large number of tenants (users) in the cloud and to the strong negotiating power of the cloud provider in the definition of the contract”.
However we have begun to see public sector organisations beginning to leverage public cloud computing, and in particular utilising Data Loss Prevention in ensuring that only data that they ‘allow’ to use the public cloud traverses the internet. This approach maximises the IT budget by applying the right level of security to data, and assuring that highly classified documents remain in security zones that meet the risk appetite of the organisation.
Of course by the end of the presentation the feedback I received was positive, and in general from a Critical infrastructure perspective such a concept of security zones is well understood. Next time I think it may be best to start with a joke!
In the meantime, we have an upcoming podcast on this very topic, so be sure to tune in.
By Raj Samani
Monday, June 4, 2012
Friday, June 1, 2012
BYOD, Social Media and New Cloud Consumption Models
Bringing You the Workplace Revolution
Kids get sick, cars malfunction, pipes break, bad-hair days occur, and the list goes on. Life simply happens. But thanks to technology, it no longer means the end of the world for that work day. With a rapidly growing change in workplace ideologies like BYOD (Bring your own device), and technologies like TelePresence, Jabber and WebEx, I have the ability to work almost anywhere at any time, even if things prevent me from getting to the office that day.
Given the explosion of social media technologies in the past few years, it only makes sense that BYOD is taking off like a firestorm—even among small businesses—as covered in two recent blogs, ‘Business Ready: On the Go and in the Clouds’ and ‘Supersizing Your Small Business.’ In fact, the Cisco Connected World Technology Report found that two of five college students and young employees would accept a lower-paying job that had more flexibility with BYOD, social media access, and mobility than a higher-paying job with less flexibility. So what about those at companies with very little flexibility when it comes to devices? Seven out of ten employees knowingly break IT policies on a regular basis, and three out of five believe that it is not their responsibility to keep the company secure. The bottom line: the workplace revolution is happening (and it’s being video streamed on your mobile device).
And as we become more and more reliant on mobile devices, cloud is becoming more of a focus area. In ‘the old days,’ we could only store our data and apps in physical servers in the company’s data center. But today, the data and apps can be stored and accessed additionally from public clouds, giving us more flexibility and agility. Think about a business developing a new product. They will have likely built a private cloud in their datacenter. Should their product become an overnight success when it goes to market, it’s good to know that they can offload compute to public clouds to help handle the load. These emerging trends may cause your company to implement new policies and train IT and staff, but in the end, the employees will be happier and productivity will be higher—and that has impact on customers, as well.
If you’d like to hear more about mobility, cloud and social media, check out the 2012 Time to Thrive Small Business Tour, in various cities throughout the United States over the next few months. Or, simply raise a glass and toast to the workplace revolution—and celebrate Cinco de Mayo, from any place, with any device.
By Marie Hattar
Kids get sick, cars malfunction, pipes break, bad-hair days occur, and the list goes on. Life simply happens. But thanks to technology, it no longer means the end of the world for that work day. With a rapidly growing change in workplace ideologies like BYOD (Bring your own device), and technologies like TelePresence, Jabber and WebEx, I have the ability to work almost anywhere at any time, even if things prevent me from getting to the office that day.
Given the explosion of social media technologies in the past few years, it only makes sense that BYOD is taking off like a firestorm—even among small businesses—as covered in two recent blogs, ‘Business Ready: On the Go and in the Clouds’ and ‘Supersizing Your Small Business.’ In fact, the Cisco Connected World Technology Report found that two of five college students and young employees would accept a lower-paying job that had more flexibility with BYOD, social media access, and mobility than a higher-paying job with less flexibility. So what about those at companies with very little flexibility when it comes to devices? Seven out of ten employees knowingly break IT policies on a regular basis, and three out of five believe that it is not their responsibility to keep the company secure. The bottom line: the workplace revolution is happening (and it’s being video streamed on your mobile device).
And as we become more and more reliant on mobile devices, cloud is becoming more of a focus area. In ‘the old days,’ we could only store our data and apps in physical servers in the company’s data center. But today, the data and apps can be stored and accessed additionally from public clouds, giving us more flexibility and agility. Think about a business developing a new product. They will have likely built a private cloud in their datacenter. Should their product become an overnight success when it goes to market, it’s good to know that they can offload compute to public clouds to help handle the load. These emerging trends may cause your company to implement new policies and train IT and staff, but in the end, the employees will be happier and productivity will be higher—and that has impact on customers, as well.
If you’d like to hear more about mobility, cloud and social media, check out the 2012 Time to Thrive Small Business Tour, in various cities throughout the United States over the next few months. Or, simply raise a glass and toast to the workplace revolution—and celebrate Cinco de Mayo, from any place, with any device.
By Marie Hattar
Subscribe to:
Posts (Atom)