The enterprise is becoming steadily more dependent on the cloud in the never-ending drive for greater productivity, but is this coming at the expense of unacceptable risk?
A key component still lacking in many cloud deployments is visibility, according to data protection specialist CipherCloud. At the recent InfoSecurity Europe conference, the company polled several hundred attendees and found that only 15 percent were highly confident of their cloud visibility capabilities, while a stunning 43 percent reported no visibility at all. At the same time, only 11 percent said high-profile data breaches like Heartbleed have altered their cloud deployment strategies.
To that end, CipherCloud has come out with new cloud-ready tools for its Discover, Protect, Monitor platform designed to provide real-time, granular visibility into enterprise applications. The goal is to give IT managers the ability to analyze and rate the risk of cloud activities and then establish common security parameters and other policies. The system scales to thousands of apps, running the gamut from standard CRM and HR management systems to newer file sharing and collaborative services.
Visibility is about more than security and data protection, however. It also lets the enterprise gauge whether it truly is getting what it is paying for, and whether the results are worth the cost. As CompuWare’s Ronald Miller told CBR recently, the end-user experience is what really matters in the cloud, and without visibility we can’t tell what is happening out there. What’s needed, he said, is not only improved language in the SLA that spells out the enterprise’s right to visibility, but new toolsets that provide granular insight into user experiences so that the enterprise can accurately assess what types of resources and services it needs to support.
Since much of the cloud’s utility is based on throughput and resource connectivity, however, visibility into network infrastructure is crucial as well. Gigamon and Corvil recently teamed up to address this need, joining the Unified Visibility Fabric with Corvil’s Operational Performance Analytics engine to enable high-speed data capture, transaction monitoring and business analysis across virtual and cloud networks. The set-up utilizes the GigaVUE and GigaVUE-VM fabric node configuration to enable analysis on the virtual layer, which is better suited to peer into the growing amount of east-west traffic that is usually hidden from standard monitoring systems. At the same time, analytic results can be used to dynamically optimize network performance and mediate between virtual and physical resources.
Any time data leaves the confines of owned-and-operated infrastructure, the risk of loss or compromise increases. And by nature the cloud is, well, cloudy. But the convenience of self-service provisioning and broad scalability should not come at the expense of security and reliability – something that individual users may not realize but should be painfully clear to IT professionals.
If visibility into the cloud is lacking, it is the enterprise that will suffer the consequences. And the first people front-office executives will come looking for following an incident will be those who are tasked with maintaining the sanctity of the enterprise data environment.