How to manage cloud computing & security with IBM’s William Tworek
Cloud Computing and its associated data security have been a major IT fundamental shift in the last half a decade or so. IT departments have been looking at these concerns and also evaluating their internal systems against cloud-based IT systems seeking the promised benefits from the same.
Concerns around data-security have been a major point-of-consideration for the move towards cloud-based IT systems and data transitions associated with the same. Adopting a cloud requires Organization to trust a third-party with information about your business.
Most firms have been apprehensive of data transitions to cloud-based systems for their mission-critical systems such as customer information data sets and in case of huge IT infrastructure for multinational firms, data privacy laws also come into governance planning.
Even though there are many concerns but Cloud computing promises great benefits such as cost savings, access to sophisticated technologies with ease as well as a pay-as-you-go model.
These potential factors certainly have a very positive impact on the business performance as well as sustainability. Especially small and mid-size business who have not had access to technology as well as have limiting cost considerations can certainly benefit from Cloud-Based Systems.
Tuck School at Dartmouth University promotes Industry Interactions as part of its Britt Technology Impact Series. As a student fellow for the Center for Digital Strategies, I had an opportunity to discuss Cloud Security with William Tworek, Director of Security and Privacy, IBM Saas.
His areas of interest are cloud and mobile security including how to secure IBM’s internal businesses.
We discussed the business concerns around security of Cloud-based systems which were required to be understood better as well as needed conceptual and technological solutions to make cloud computing a viable solution.
The fundamental question we started the discussion with:-
As the IT department sees it, for the first time, Data moving outside of the servers of the firm towards third party service providers, what major security and privacy concerns does that raise?
He suggested that rather than seeing it as a threat, IBM is trying to differentiate itself from its data security services for cloud infrastructure. Also, IBM is looking to bring their in-house expertise in running IT infrastructure to Cloud-based Infrastructure too.
He also pointed out that, it is an organizations choice to choose a level of security which they want for their Cloud Infrastructure.
Hence, in a way, cloud computing infrastructure with proper measures will actually increase your level of security. For e.g. choosing appropriate cloud-based back-up of data at different cyber locations can help prevent permanent loss of data. Also in case of network unavailability at one center, the replicated data from other locations can provide immediate service.
Few points of considerations which came out during the discussion are:-
1. Feasibility of big public clouds for sensitive data such as a corporate ledger, Retail systems with credit card data etc. is a major issue in cloud adoption. Larger firms consider that private clouds are more suitable for such needs.
2. Other Cloud Advantages like Cost efficiencies such as reduction in working capital requirements and improvement in server utilization.
3. Industry dynamics like fueling a basic change in the Customer-Vendor relationship towards a more transaction-based services.
4. And more such significant issues such as related to Vendor Lock-In of data with Cloud providers etc.
Here is the complete discussion to understand some of the more accurate basics around cloud and security
Conceptual and technology solutions around Cloud Computing still continue to be developed.
All around us, we have all come to love and adopt Software-as-a-Service (SaaS) based pay-per-use or pay-per-month solutions. And cannot thank Cloud based IT Infrastructure more, for making it
1. So easy to access even technically sophisticated applications
2. Lowering of fixed costs of investments
3. Getting latest versions of software automatically without the need for manual updating
4. And, 24*7 access over internet to work from anywhere
And as was discussed in the interview with William Tworek
“Fundamentally Clouds are just servers, storage and networking “