The debate over cloud and on-site security solutions is no longer as fierce as it once was.
Cloud played a critical role during the COVID-19 pandemic, helping businesses shift to remote working to stay operational and meet new demands.
It allowed workforces to operate remotely, providing them with ready and secure access to the right systems and data.
With so many workers outside the corporate network perimeter, the focus shifted from securing a mass of workers concentrated in a few locations to a large number of employees dispersed across a wide range of locations.
Playing to the strengths of cloud
This shift played to the strengths of the cloud model, particularly the ability to deliver a consistent managed, defined, secured and controlled service across many locations. Unlike traditional enterprise software and applications, remote access is usually built into cloud-based solutions and applications.
As such, the cloud model makes it easier for employees to access data from different devices – laptops, tablets and smartphones – compared to more restrictive and platform-specific onsite applications.
The ability to store data centrally while enabling access from anywhere made the cloud well-suited to the dispersed business models that emerged from the pandemic.
Unlike the traditional on-site approach, where remote working is viewed as an addition to the existing business and security model, the cloud is often premised on supporting remote access because access to much of the cloud is remote-compatible.
This means cloud providers have developed expertise and models that are extremely relevant to supporting the future business path for so many enterprises.
Who is responsible for the data?
The biggest security concern about cloud computing is the movement of corporate data outside the organisation to be hosted by a third party.
Understandably, businesses can be nervous about handing over control of confidential data to a third party; but is that data really any less secure than it would be onsite?
Cloud companies have to conform to the strongest security and compliance standards because it’s critical to their business. If they don’t, no customers will trust them with their data.
Because of the way the cloud model works, cloud security is highly automated. This means that a consistent level of security is applied to all devices on your network, including automated patches and updates. This helps to reduce the risk of human error – a major factor behind security breaches.
On-site security is often more at risk from human error, because it’s far more hands-on. Also, all of the responsibility for monitoring and maintaining the security of your data rests on your business. With cloud, the responsibility is shared but more of the routine work is done by the cloud provider.
Is connectivity a weak spot?
Before the pandemic, cloud connectivity was a legitimate concern for many businesses. Accessing data from an internal device within the corporate network perimeter was very different from accessing data in the cloud. Additionally, transporting data to and from an internal device to an external location was felt to be more risky than keeping it within the corporate perimeter.
With so much work taking place remotely using external devices, secure connectivity is set to become a more prominent issue. This is something more businesses will need to invest in if they’re to sustain a dispersed workforce.
As a result, they are likely to be more engaged with getting the connectivity to match the requirements of the cloud model they have already adopted, or are in the process of adopting.
