By David Browne, head of GTM SEACOM South Africa
Cloud computing is now the standard by which every enterprise’s IT infrastructure is judged. According to the Africa Cloud Business Survey 2023 by PwC, 50% of companies have already adopted cloud technologies and 61% are planning to migrate all their operations to the cloud within the next two years. Interestingly, 40% of companies are focusing on a combination of migration, modernisation and cloud-native development to change the business – going above and beyond a simple lift-and-shift approach of migrating exact copies of applications and workloads to a cloud environment. This approach, combined with the overall move to cloud environments, can lead to several questions about security.
According to a local survey, 89% of South African business leaders view cloud security as a major concern regarding protection of cloud workloads and multi-cloud environments. For many, this prompts the question: Is the cloud more secure than on-premise operations?
The need for cloud security
Cloud computing represents an expansion of a company’s IT networks and systems beyond conventional infrastructure. For many local enterprises, cloud services are a cost-effective means to scale upwards: investing in computational power without purchasing additional on-premise hardware. There are many other benefits, especially in terms of availability and negligible downtime. For example, many organisations do not have backup power supplies for their IT infrastructure during load shedding. Moving infrastructure off-site and to facilities that offer backup power solutions minimises the potential for service disruptions.
However, with the evolving and intricate nature of cloud operations, there is an escalation of cybersecurity risks. Criminals are leveraging the cloud to carry out more sophisticated attacks using cloud-based services as well as exploiting vulnerabilities in cloud infrastructure. Global reports show hackers are increasingly targeting cloud services and relying less on malware to compromise business data and applications.
How do you best meet your enterprise's computational needs[EL1] ?
On-premise versus cloud
When it comes to security, on-premise and cloud each offer unique advantages. With on-premise networks, enterprises can be assured of their systems’ physical locations and circumstances. They know where they are stored and who can access them at any given time. Enterprises can also implement changes and conduct maintenance on-site, which is essential for organisations with specialised IT requirements.
Importantly, on-premise networks allow for a well-defined security perimeter. All network traffic can be routed via physical security appliances, enabling enterprises to monitor and mitigate any potential risks. With all traffic inside the perimeter, there is less risk of incidents such as compromised user credentials.
Cloud service providers are subject to strict and standardised security standards, meaning all data and assets are treated equally. Because it is a managed service, the cloud also enables enterprises to free up resources and people to focus on other business priorities like application development.
In addition, cloud services can help enterprises lower operational expenses as they do not require significant investment in on-premise security resources and personnel. They also offer additional data and network backup capabilities, which enhance an organisation’s level of protection and complement data compliance strategies.
Invest in what works for you
For many enterprises, a combination of cloud and on-premise security is the optimal way to go. With both, companies can host critical systems on-site and leverage cloud-based operations for other functions, particularly workloads that have greater computational demands.
In the same way enterprises can rely on cloud service providers to handle security, they can turn to their IT partners and vendors to help meet their on-premise security needs. In partnership with vendors, enterprises can leverage on-premise security solutions that simplify IT security, including unified threat management, which provides a single point of protection and makes it easier for IT managers to look after their networks.
Whatever the situation, enterprises in South Africa can leverage the full potential of cloud and on-premise IT operations in a way that helps alleviate security concerns.
[EL1]Hans: I placed the original sentence at the beginning of the article (the blurb) and edited it here to avoid repetition.