Does The Cloud Offer IT Managers More Or Less Security?

by drjim on November 14, 2013

As you move your IT projects to the cloud, are you becoming more or less secure?

As you move your IT projects to the cloud, are you becoming more or less secure?
Image Credit

The cloud has arrived, all hail the cloud! Hmm, just a minute here – has anyone taken a close look at just what moving to the cloud is going to do to the security of the IT projects that your team is working on? This cloud stuff is all new and it’s not clear that anyone really has their hands around just exactly what is going on. Is moving to the cloud going to make your next IT project less secure?

The Difference Between On-Premise Security And Cloud Security

If there is one set of IT manager skills that most IT leaders have learned over the years is that security is not something that you can come back to and add to an existing IT project. You have to design security into your project from the start. We’ve learned how to do this for on-premise projects – now we need some IT manager training on how to do it for cloud projects.

One of the biggest differences between an on-premise project and a cloud project is the scale and the speed of the projects. When we were working with an on-premise project, we knew that we had some time before the rest of the IT department would be able to set up our servers and properly secure them. This allowed us to develop software without having to worry about its security features until later in the game because we were not going live any time soon.

The cloud changes all of this. All of a sudden the servers that we’re going to be using can be set up in a day. Our project will be exposed to the rest of the company from day 1 and in fact it might also be available on the Internet. Additionally, the almost unlimited scalability of the cloud means that very quickly our project can exceed any security parameters that we may have designed for it.

The Need To Automate Cloud Security

One of the big differences between delivering an IT project for the cloud and delivering an on-premise IT project is that in the cloud everything moves a lot faster. With the arrival of self-provisional resources such as servers and storage, the time that it takes to set up the infrastructure for an IT project has been slashed.

What this means for your IT team is that the processes that are needed to put the appropriate security safeguards in place have to be automated. Firewall and access control polices need to be updated just as fast as you bring new cloud servers online.

The automation of cloud security has to go one step further. Since so much of your cloud infrastructure is going to be connected to the Internet, the monitoring of your IT project is going to have to done constantly. What this automated monitoring is going to have to be looking for is compromise and unauthorized access to your IT project’s servers and software.

What All Of This Means For You

There is no getting around it – the cloud has arrived and it is going to be a part of all of our future IT projects. We need to take the time to move beyond all of our IT team building activities and start to understand how moving our IT projects into the cloud is going to impact the security of those projects.

We need to realize that when we consider how to secure IT resources that are cloud based, how we go about doing this is going to have to be a different from how we used to secure on-premise applications and resources. The scope and the speed with which cloud projects move means that we are going to have to automate how we do cloud security in order to keep up.

Realizing that things have to change is the first order of business for IT managers who are moving their projects into the cloud. We need to take steps to make sure that the new IT projects that we are rolling out are going to be secure from the start. Learn what this means for your IT team now and you’ll have secured your future.

– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Management Skills™

Question For You: Who’s responsibility do you think it is to make sure that the cloud that your company is using is secure?

Click here to get automatic updates when The Accidental IT Leader Blog is updated.

P.S.: Free subscriptions to The Accidental IT Leader Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

So everyone can be an IT manager, right? If you said yes, then you’ve not met some of the managers that I’ve had to work for during my career. The answer is that no, not everyone has the required IT manager skills and they are not cut out to be a manager. However, knowing if this is that path that you should take is a very important question and just how you go about getting an answer to it is what we just don’t spend enough time talking about.

Be Sociable, Share!

{ 2 comments… read them below or add one }

Andrew - Server Space November 18, 2013 at 6:38 am

‘You have to design security into your project from the start.’

This is a key point. Security needs to be an integral part of all projects. Security should be a specific objective with in the project. Security can be woven into the project from the start, revisiting security options once a project is in place is a dangerous game to play.

Reply

drjim November 21, 2013 at 10:09 pm

Andrew: You are 100% correct. The worst thing that we can do is to try and go back to design security in after a project has been completed!

Reply

Leave a Comment

Previous post:

Next post: