Despite the availability of multinational data centres in South Africa and the pressure to adopt a cloud model (whether that be public, private, or hybrid), many companies remain concerned about the cybersecurity aspects of making the transition.
This is an especially important aspect given the evolving regulatory environment that puts the priority on ensuring the safeguarding of personal information. Those organisations falling foul of this, or not doing enough to protect their data, face significant financial penalties. But perhaps more significantly, the damage to the corporate reputation is far worse given the highly competitive environment today. Customers are notoriously fickle, and if their service provider is compromised, there is very little stopping them from migrating elsewhere.
International research shows that 93% of companies are moderately to extremely concerned about cloud security. This is not without its merits. In 2018, cloud customers were hit with more than 680 million cyberattacks. From software vulnerabilities to stolen credentials and even the Internet of Things (IoT), no area of business could be considered immune to compromise.
It is therefore imperative for decision-makers to conduct an audit not only into their on-premise cybersecurity initiatives, but also their cloud-based ones. At a basic level, how many companies even give a second thought to the security of their data transfers to an off-site data centre.
This is where a trusted cybersecurity partner becomes integral to assist a company, irrespective of size or industry sector, to mitigate any potential risks associated with cloud environments. But it is not just about the provider. True cybersecurity includes having access to a security services platform that will assist the business to simplify its hybrid and multi-cloud security.
After all, cybersecurity has evolved beyond being only about firewalls and anti-virus. It must now encompass every touchpoint available to the organisation. Given the explosive growth of data access points, thanks to IoT, defensives can no longer be reactive. Businesses must be able to adopt a more pro-active approach to protect everything from the edge through to desktop computers connected to the main network.
But perhaps more significantly, the damage to the corporate reputation is far worse given the highly competitive environment today. Customers are notoriously fickle, and if their service provider is compromised, there is very little stopping them from migrating elsewhere.
A genuinely effective cloud security solution must be able to address aspects such as workloads, containers, file object storage, serverless, application, and network security; and security posture management. With many companies deciding on using multiple cloud service providers that cater to various business-specific advantages, the cybersecurity solution must integrate with their systems. So, whether the business is using Amazon AWS, Microsoft Azure, Google, or a combination of all three, protection must be consistent and uniform.
In recent years, organisations have begun rapidly adopting cloud infrastructure services. And the number of teams within an organisation who are using the cloud, making cloud infrastructure choices, and security decisions continues to grow as individual teams, and business units bypass IT.
Thanks to the consumerisation of technology, employees feel they no longer need to go through the IT team to get approval for that file-sharing app or a new piece of collaboration software freely available for download. For them, it is about implementing technology they are familiar with as consumers and using it to fulfil their business responsibilities. The problem comes in when these applications are seldom enterprise-class and might have significant vulnerabilities unbeknownst to the users. It is one thing to share a school calendar on such an app and something entirely different to transmit sensitive corporate intellectual property.
Making matters more complicated is the resulting explosion of security tools across the company. Inevitably, point solutions are used for every different type of infrastructure, which further introduces complexity and risk to the business. But instead of going this disparate route, a company should consider a security solution that evolves with the shifting technology landscape. Having such an integrated solution means the company has unified visibility on its entire network but provides a more enhanced way of conducting procurement and billing suppliers that is safe and user-friendly.
Migrating to the cloud in South Africa is going to be a priority for some time to come as more traditional businesses start making a move. Moreover, this will remain a pressing issue as decision-makers continue to balance and secure physical, virtual, and cloud environments efficiently.
Relying on a trusted partner that provides a comprehensive cloud security solution, therefore, becomes an indispensable step in safeguarding the most critical corporate asset – its data.
By Indi Siriniwasa, Vice President, Trend Micro Sub-Saharan Africa
Write to us email@example.com