Cloud migration is now the norm. When will security follow?
Sanele Ntoza, Channel Manager: F5 Networks at Westcon-Comstor Sub-Saharan Africa
Migrating cloud infrastructure has become part of the norm. Companies are realising the benefits of embracing multi-cloud and hybrid cloud environments to unlock more competitive value. Research shows that 93% of enterprises have a strategy catering for the former, while 87% for the latter. Regardless, there are several things to keep in mind, especially when it comes to the security of data integrity.
With most organisations typically overhauling their core architecture every three to five years, they already have significant experience on these projects to draw on. But as technology evolves, the pressure to increase performance, enhance security and reduce costs become substantial. Combine this with the growing complexity of the cloud, in whatever shape the company is using it, and you have a situation where new migrations have become increasingly challenging.
Review your world
Before any migration project, a company must first assess its current environment. This audit process must encompass not only the physical infrastructure, but the software and applications as well. Crucial to this is how all these systems and processes deal with data. These data dependencies will significantly impact on the migration to a new or even additional environment. Once completed, the company will better be able to identify those applications that can be outsourced to the cloud. For example, supporting an outdated HR system or homegrown sales automation tools might detract from more strategic imperatives. The business can save significant resources by subscribing to cloud-based solutions that do the heavy lifting.
Even some of those applications not outsourced can benefit from being reconfigured for the cloud. While this requires additional analysis on the likes of their data dependencies, the network services they use, and any potential workarounds on legacy systems, the time spent doing so can benefit the company in future migration projects.
A changing approach
Of course, this is the ideal time to scrutinise application delivery policies and data management at the organisation. This will highlight opportunities to standardise and automate where necessary. Everything from load balancing policies to storage tiers and network services can be reviewed to gauge their cloud readiness or ways to streamline their on-premises delivery.
Central to these considerations is identifying the users of each application and from where they will be accessing it. And depending on the type of application, user behaviour, connectivity and the required bandwidth must all be accounted for. Authentication and security must form part of every step of this process. However, traditional end-point or network-accessed protection measures are no longer good enough. This is especially the case when accessing cloud solutions where the company must adopt new identity and access management technologies it might not have even considered before.
Planning is a vital enabler when it comes to the cloud. This applies as much to the applications and data as it does to the architecture. Where once things could have been linked to specific IP addresses or other dependencies, it must be changed to reflect the new environment. From updating databases to introducing load balancing systems to manage increased network traffic to the cloud, companies must be mindful of all the touch-points this new environment can impact.
Hardly surprising then that migrating cloud infrastructure entails more than just dragging and dropping files to a new environment. Sure, this might be a simplistic way of looking at it, but the truth is migration projects are complicated. Some challenges must be overcome, and some systems and processes will be impacted. Understanding your environment and planning effectively will go a great way in mitigating many of these issues.