[Column] Anton Jacobsz: Moving to cloud? Take note of common security needs

The claim that cloud computing is radically transforming the way organisations (both big and small) do business, for better, agile and faster results, has become fact

The claim that cloud computing is radically transforming the way organisations (both big and small) do business, for better, agile and faster results, has become fact. However, there are still numerous scares denting the confidence of decision makers to shift workloads to the cloud, and security in the cloud continues to have an impact on the “shall we stay on premise or go hybrid or settle in the cloud” conundrum.

“Since the dawn of cloud computing, securing workloads in the cloud has been top of mind for business and technology developers. Data – no matter where it is stored – needs to be guarded for obvious reasons. At the present moment though, I believe that it’s more of a risk not moving into the cloud as, quite simply, the cloud is an integral part of digitisation. The move can no longer be an ‘if’ choice for organisations, but rather a boardroom conversation that starts with ‘when’,” says Anton Jacobsz, managing director at value-added distributor, Networks Unlimited Africa.

He explains that Networks Unlimited Africa anticipated the rapid rise of cloud when it made the decision to offer its customers throughout Africa solutions from RSA, a global cybersecurity leader who offers business-driven security solutions that uniquely link business context with security incidents.

“In a high risk world, organisations cannot afford to let their guard down,” continues Jacobsz,

“And, we are positive that making RSA solutions available to our customers on the continent will aid their transition not only to the cloud but also into the macro digital marketplace.”

RSA holds the accolade of being named a “Leader” in four Magic Quadrants by Gartner: 2017 Magic Quadrant for Business Continuity Management Program Solutions, Worldwide; 2017 Magic Quadrant for IT Vendor Risk Management; 2017 Magic Quadrant for IT Risk Management Solutions; and 2016 Magic Quadrant for Operational Risk Management Solutions.  The company also protects millions of users around the world, and helps 90 percent of the Fortune 500 companies thrive in an uncertain, high-risk world.

Jacobsz adds: “At Networks Unlimited Africa, we are especially pleased RSA enables customers’ cloud adoption plans through its strategy to ensure that its security technology operates is built to scale in the cloud environments that customers deem important.”

The realities surrounding security in the cloud have been documented in the white paper titled, ‘RSA & The Cloud: Opportunities, capabilities & challenges when considering security and the cloud’.

The paper highlights the three common requirements of businesses moving into the cloud and states: “As enterprises move applications and data to the cloud, every CISO (chief information security officer) is concerned about how their workloads will be secured, the same as if they operated on-premises. They know they don’t get a free pass from hackers just because the data is in the cloud. Threat actors view this as another potential attack vector to be exploited in this new, expanding and highly porous attack surface area of the modern enterprise. The bottom line is that enterprises have the same needs to provide (1) threat detection and response, (2) identity and access management, and (3) enterprise risk management for their assets in the cloud.”

The RSA paper expands on these issues and explains:

“Detecting threats in the cloud: When it comes to security monitoring, customers can’t ignore the cloud as a potential threat attack vector. While it certainly differs from on-premises deployment of security capabilities, the assets still need to be secured. Therefore, enterprises need to have endpoint-to-cloud visibility of all enterprise threats.

“Ensuring people are who they claim to be in the cloud: With so much critical data moving to IaaS and SaaS applications, the CISO needs to have a high degree of assurance that users are who they claim to be when accessing cloud resources.

“Providing insight into ‘who has access to what’ in the cloud: With so many applications, the enterprise needs to ensure that users have the right entitlements to both cloud and on-premises apps, based upon their role. Why is too much access a problem? As identity is such a consequential attack vector, limiting what data and apps a threat actor can gain access to using stolen credentials reduces an organisation’s risk and exposure.

“Understanding risk and compliance of the cloud: A major challenge to any organisation’s cloud strategy comes with tracking how the business is utilising cloud services and its relationships with external providers.”

Concludes Jacobsz: “The paper makes for a thought-provoking read. What stands out, in particular, is the sentence: ‘Security software that can’t operate from the cloud will be left behind’. And being left behind in the digital marketplace…well, that just spells disaster.”

Anton Jacobsz is the MD of African value-added distributor, Networks Unlimited.

[Column] Anton Jacobsz: Cloud computing evolves, becomes enterprise cloud-as-a-service

Over the past two decades or so, the concept of cloud computing has evolved dramatically, as new data centre and networking technologies came to the fore, and new types of ‘cloud’ emerged.

Over the past two decades or so, the concept of cloud computing has evolved dramatically, as new data centre and networking technologies came to the fore, and new types of ‘cloud’ emerged.

While the cloud’s roots may be traced back to computing from decades past, the tipping point is often considered to be the introduction of SalesForce.com in 1999 – pioneering the concept of hosting enterprise applications online, and making them accessible via a website.

A few years later, we started building large centres to host data and processing capabilities for a multitude of enterprise applications (via platforms such as Amazon Web Services). Then, about 10 years ago, cloud entered the ‘everyman’ lexicon, hosting the new wave of smartphone applications, and powering new online business services (such as Google’s suite of enterprise services).

The data centres got bigger – often housed in desolate expanses in places like Utah and Nevada in the US. To cater for all business needs, public clouds, private clouds, and then hybrid clouds evolved. They became richer and more powerful in their capabilities, and in more recent years started integrating advanced artificial intelligence (AI) features to make sense of all the data and help guide business decisions.

The cloud advanced from simply a ‘place to host software’, to the nerve-centre of the enterprise that fuelled new insights, new understanding, and breakthrough innovations that truly changed the world.

Those companies that saw the potential of the cloud in their industry – the likes of Netflix (broadcasting), Tesla (automotive), Amazon (retail) and AirBNB (hospitality) – were able to entirely re-shape their markets and net incredible returns.

The next era

So, what is the next chapter in the story? How can the next evolution of the cloud be defined?

Anton Jacobsz, MD of African value-added distributor, Networks Unlimited, notes that his team has selected HyperGrid as one of its key vendor partnerships, due to HyperGrid’s strong vision for the next era of cloud computing.

“HyperGrid is passionate about the concept of enterprise cloud-as-a-service – which we feel reflects the growing maturity of the cloud, incorporating all the lessons from the past 20 years, and all the advances in the technology and the enabling ecosystems,” he says.

“Enterprise cloud-as-a-service – or ECAAS – is the culmination of years of effort. It truly addresses all business needs, nullifies all potential concerns, and allows the organisation to imagine a world without limits.”

Pulling it all together

“HyperGrid’s main focus today is to simplify IT by providing a highly secure public cloud experience everywhere, for any application on any cloud or any infrastructure.” explains Doug Rich, VP of EMEA at HyperGrid. “ And through ECAAS, we can provide all the benefits of a public cloud, but on premises.

“ECAAS can essentially be summed up by saying that CIOs get all the control of a private cloud environment, but with the efficiency, limitless scalability, and rapid ecosystem development of the public cloud,” he adds.

Rich refers to a recent blog written by Jennifer Gill, VP, Content Marketing at HyperGrid, which highlights the following key characteristics of ECAAS:

  • Full control: Compute, networking, storage, applications and other services are all located within your own data centre – alleviating any concerns about data privacy, governance or sovereignty.
  • Automated management: Though all intelligence is held within your own data centre, the in-house IT team is able to hand-over full responsibility to their partners (freeing the CIO’s team to focus on strategic partnerships with business stakeholders, new innovations, and new revenue-generating opportunities).
  • True consumption-based pricing: Unlike leasing or subscription pricing, with ECAAS you’re billed only for the resources and applications that you use.
  • Orchestration across multiple clouds: Whether you have data and services located in one environment, or spread across 10 different cloud platforms, everything is effectively managed and reported on in a consolidated fashion.
  • On-demand resources delivered with simplicity: As your needs evolve, you can instantly add and remove new services, applications or computing resources as needed. With simplified end-user interfaces, gaining access to new infrastructure is as simple as clicking a few buttons.

The cloud has certainly matured. Along the way, we’ve made a few mis-steps and taken some wrong turns… and for many large enterprises, their cloud landscape has become complex, fractured and expensive (Gartner research shows that large organisations are managing on average 4.6 different cloud platforms).

But, Jacobsz explains that with ECAAS, this complexity can be abstracted: “The cloud can finally start delivering on its grand promises. We have come a long way in the past two decades, and with ECAAS, we’ll position ourselves to take the next step.

Anton Jacobsz is the MD of African value-added distributor, Networks Unlimited.