Cloud Computing and Cloud Security: Tech Trends Cheat Sheet, Part 2
Cloud computing has been getting buzz for years, but not everyone is ready. What are the pros, cons, and cloud security musts?
In last week's Tech Trends Cheat Sheet, we talked about the pros and cons of BYOD and Big Data. As it turns out, both of those trends have very real benefits for the enterprise. But what about another of the popular buzzwords, cloud computing? What can the cloud do for real-world businesses? Read on to learn the pros, the cons, and how to ensure a successful cloud deployment.
Cloud computing: The pros and cons
Cloud computing comes in an endless variety of flavors, with cloud service providers (CSPs) offering infrastructure, platform, and service and application solutions to fit just about any business size and need out there. SMBs in particular can benefit from cloud-based office productivity suites. From email and file storage to CRM and even load balancing and failover, it seems the cloud has something for everyone.
Pros: In the pre-cloud days, adding more storage, enabling better sharing and collaboration, or deploying new applications meant purchasing and installing new hardware and software. It entailed significant effort and expense. Cloud computing typically eliminates the need to add new equipment on-premises and can replace endpoint software with Web-based services, cutting costs. CSPs' economies of scale often help cut costs to the enterprise even further, and cloud computing is usually more flexible and more easily scalable under changing business conditions than on-prem deployments. Finally, cloud services can improve the availability of enterprise data and applications, which can be critical for organizations with very mobile workforces.
Cons: Cloud computing isn't all stars and rainbows. Cloud security and regulatory compliance are major concerns. The more sensitive data an enterprise puts in the cloud, the more vulnerable that enterprise becomes to data breaches, not only from hackers, but also from well-meaning employees misusing cloud services, potentially causing serious compliance violations. Organizations concerned about government surveillance should also know that agencies like the NSA have been known to compel CSPs to disclose user data without the users' knowledge or consent.
Optimizing networks for cloud computing
Cloud computing shifts the focus from the LAN to the WAN, especially when organizations turn to cloud services for more bandwidth-greedy applications like video collaboration. Ensuring reliable cloud app connectivity and performance may demand more capacity, something that many businesses aren't committed to adding just yet.
To ensure that your organization's network is up to the challenges created by cloud computing, our Data Center blogger Art Cole recommends taking a close look at WAN acceleration and optimization equipment and services. The latest release from WAN optimization vendor Exinda aims to move beyond traditional WAN acceleration and optimization into holistic WAN orchestration. Ipanema, meanwhile, believes that WAN optimization as a service is the way to go. And software defined networking (SDN) over the WAN looks poised to solve next-generation WAN problems.
Cloud computing security challenges and solutions
In addition to connectivity challenges, you'll also have to solve cloud computing security and compliance issues, too. One of your first steps must be to take control of your organization's cloud use. The accessibility and affordability of many cloud services makes them easy for employees to adopt—in some cases, too easy. Shadow IT, in which workers use cloud applications without IT's knowledge or approval, can poke big holes in your overall security posture and compliance status. To effectively manage your enterprise's cloud use, you'll first have to develop and communicate a clear cloud and data use policy, discover all your employees' cloud applications, and lock down any that create compliance violations or unacceptable security risks.
Once you've taken control of what cloud applications your organization uses and what data it puts in the cloud, you'll also have to secure that data. It seems clear that cloud data encryption will play a key role in cloud security. Ensuring that your CSPs never experience a breach would be impossible, after all, so you must instead mitigate the risks of exposure in the event of a breach. Encryption, paired with tight control over access to the encryption keys, is your best bet: no matter who gets access to your data while it's in the cloud, they won't be able to view it in the clear without your keys. And in addition to cloud data encryption, other cloud-focused security solutions are emerging, many of the best reviewed by our Frank Ohlhorst.
Finally, if your organization's security or compliance needs are so limiting that public cloud applications simply can't cut it, you can still enjoy some of the benefits of the cloud with a private or hybrid cloud deployment. Private and hybrid clouds will demand some adjustments to your network infrastructure and data environment but can pay off in terms of better security and control. New cloud-in-a-box appliances, meanwhile, look to be a viable option in certain industries, like the life sciences.
The cloud is here, and it isn't going anywhere. But cloud computing, like BYOD, isn't as easy as it may appear. With the right planning and implementation, however, your organization can reap the rewards without running all the risks.
Stay tuned for future installments of our Tech Trends Cheat Sheet series, including the rundown on the Internet of Things and software defined networking. And if you haven't already, check out the first of our Tech Trends cheat sheets, which covered BYOD and Big Data.
Header photo courtesy of Shutterstock.
Jude Chao is managing editor of Enterprise Networking Planet. Follow her on Twitter @judechao.