The Covid-19 pandemic has seen organisations accelerate their cloud strategies, with staff reluctant or unable to work from offices, data centres and many other locations. Computing recently caught up with Justin Augat, VP of Product Marketing at iland, to discuss how organisations are leveraging cloud technologies during the ongoing lockdown.
Computing: How has cloud helped your customers during the pandemic?
Justin Augat: When government stay at home orders were first announced in March 2020, partners and customers alike needed cloud services immediately to enable the switch to working from home scenarios, particularly with the significant increase in cyberattacks, chiefly ransomware. iland has helped its customers stay online and secure, experiencing increased demand for its Back-up-as-a-Service and its Disaster Recovery-as-a-Service (DRaaS) offerings, due to its services' increasing relevance to the UK and EMEA market.
CTG: Some organisations are still concerned by the security ramifications of public hosting, what would you advise them?
JA: For organisations looking to move to a public hosted cloud, or those already utilising such an approach, there are a number of steps to take to ensure data is always secure, to go alongside the scalability and flexibility that make public cloud such an attractive proposition.
The first is to properly assess the security posture of the cloud services provider to ensure it offers the desired levels of security. Therefore, a comparison of the security levels that each provider offers, and the procedures it implements in the case of an attack/breach, is required. The organisation should also ensure alignment between its internal security policies with those outlined by the cloud services provider.
Organisations should also realise that cloud vendors are not solely responsible for data security. The organisation using the public cloud is still in control of the security it applies to workloads, data, and content when in the cloud. Whilst organisations will have access to enterprise-grade security offered through the vendor, no assumptions should be made on who is protecting what. Clearly defining who is responsible for protecting what will help assuage any security fears a business may have about using public cloud.
Even if an organisation is not using public cloud to operate a hybrid cloud architecture, it's still worth investing in state-of-the-art hardware, which will add layers to the cloud security environment. Organisations should also look to:
• Automate security in the public cloud, reducing friction within the process
• Understand their potential exposure to attackers, closing the gaps where possible
CTG: Many organisations prefer a hybrid approach to cloud, why do you think that is?
JA: For organisations with both an on-premise and a cloud operation in place, a hybrid approach is ideal for optimising both infrastructures. This allows them to benefit from the speed and flexibility of cloud, without having to spend additional outlay on more infrastructure. Hybrid clouds allow organisations to easily implement disaster recovery solutions if they are using the above combination of cloud and physical infrastructure. This provides a ‘best of both worlds' offering - low storage and compute costs, with high availability of the cloud to back up less critical resources and data.
Enterprises who have not yet made a full switch to the cloud can use a hybrid environment to keep up with changing customer needs by innovating faster, while not shaking up the whole organisation by moving to a full cloud environment. However, it does allow for businesses to change to a full-cloud environment should they desire in the future. This scalability is a key advantage of hybrid environments, allowing organisations to scale accordingly as they grow.
CTG: What lessons do you think organisations should take from the pandemic?
JA: Longer-term, companies are now looking for Infrastructure-as-a-Service (IaaS) as they build out their cloud strategies to support more flexibility and increased remote working. Businesses will need to recognise that a certain level of business resiliency, with technology as the backbone, will need to be ensured going forward. This will guard against unnecessary business disruption during future regional and worldwide events, and during subsequent regional and national COVID-19 lockdowns, whereby governments and businesses have directed employees to work from home, instead of in office environments.
This means understanding data security, business continuity, resilience, scalability, accessibility and so much more. For example, you may not need extra capacity and compute power now; but you need to know that within minutes you can get to that number. Organisations should understand the boundaries between personal and company devices and assets, and gauge what needs to be put into place to protect the business and its employees.
Organisations that are leveraging cloud services need to communicate frequently with their providers to address future needs and concerns, so they can futureproof the business, enabling remote workforces to continue to operate seamlessly.
The pandemic has also reminded organisations that business disruption of any kind can have significant detrimental effect on internal operations, and for that organisation's customers. In an already disrupted world, this will mean that any subsequent downtime will be increasingly punitive. For example, in retail, many have shifted to, or quickly started to offer, improved eCommerce channels, allowing them to continue delivering their services or goods to customers despite closed physical stores. Regardless, this has led to shrinking revenues and severe tightening of budgets.
Therefore, the last thing a business needs is any unscheduled periods of downtime due to IT systems going offline. This goes hand-in-hand with the online attack surface widening in many industries, as cyber criminals take advantage of the current global climate, ramping up their efforts to profit from further disruption and distress.
Customer experience rests upon IT systems; interruptions of service, inability to transact, and data loss can be frustrating, debilitating, or even life-threatening in certain industries. Organisations should also think about the costs of downtime and the perception of customers should a vital application be down, especially during a global pandemic that is is continuing to have a knock-on effect throughout the supply chain.
This is why disaster recovery, packaged in a DRaaS solution, is increasingly critical. It is a flexible, cost-effective way to deliver essential disaster recovery, at the press of a button. This enables a business to instantly switch to its DRaaS environment, with an isolated, production-ready copy of its entire infrastructure available in the event of unplanned downtime or data loss.
Acceptable amounts of downtime and data loss are at an all-time low. With the emphasis of IT resilience on maintaining business processes and making a complete recovery as soon as possible, taking the necessary steps to minimise business disruption when faced with a potential ‘disaster' will easily outweigh the initial financial outlay of implementing an effective DRaaS solution.
Justin Augat is VP of Product Marketing at iland