What we need to do to secure our clouds?

By Rajesh Awasthi

The accelerated digitalisation to ensure business continuity has made the transition to cloud technologies essential for Indian businesses. As organisations increasingly embrace digital technologies, the dependence on cloud increases. And along with this, cloud security is a key challenge that companies have to face while making this transition.

Growing dependence on cloud
As per NASSCOM, the Indian Infrastructure as a Service (IaaS) market will grow to be US$ 2.4bn by 2022. Similarly, the Indian Software as a Service (SaaS) market is expected to reach US$ 3.4bn by 2022. With the advent of 5G, digital technologies will turn more profitable and convenient and the SaaS and IaaS markets are likely to surge in the near future as more enterprises invest in cloud services.

All of this has resulted in hybrid operational models, as more and more people are moving away from physical offices to digital workplaces.

State of Indian cloud security
While a cloud-first strategy has tremendous benefits for businesses and the economy, it is the state of Indian cloud security which is perhaps the biggest concern and challenge faced by businesses and enterprises.

As per The State of Cloud Security 2020, in India, 93 per cent of organisations have faced a public cloud security incident in 2019. The cyberattacks included ransomware (53 per cent), compromised accounts (48 per cent), exposed data (49 per cent), other malware (49 per cent), and crypto-jacking (36 per cent).

Hence, it is imperative for organisations to invest in cloud security which is vital to build confidence across businesses that is already going digital across the globe. To be at par with the advanced quality of services being provided in other developed and growing economies, India needs to develop stronger policies, frame legal framework consistent with global regulations and standards to build a conducive environment for stronger cloud security in the country.

Other than policy interventions, the situation warrants high investment in data security which is expected to boost the cloud security segment. With the Indian cloud security market growing by 300 per cent in 2018-2019, it is further expected to grow at CAGR of 23-25 per cent from 2019-2027.

However, for the cloud security segment to achieve this kind of growth, it has to address several challenges. At the onset, organisational readiness to undertake transformation is a primary concern. The basic concerns include the dynamics of security compliance, security operations, protecting identities, data classifications, data storage, backups and privacy and user access management.

The lack of skilled workforce to manage cloud operations and overall transformation is the next major challenge. There needs to be a dedicated focus on establishing institutions, devising courses and training programs at higher education levels to create a qualified and competitive workforce to deliver secured cloud services.

There are also certain challenges for choosing the right cloud deployment model and return of investment. In order to identify the right cloud deployment model, organisations need to analyse business objectives with regards to IT architecture and skilled human resource as well as, according to the deployment model, ascertain split of responsibilities while redesigning internal processes.

Changing landscape
Today, employees are connected virtually more than ever before. This change has also triggered bring-your-own-device and other device-agnostic mindsets which has seen a shift in employer behaviour who are consistently exploring new work models.

For organisations, it has become important to ensure high-performance, secure access for employees as the hybrid workplace is now a norm. This essentially results in a flexible work culture, which is not bound by geographical boundaries. The future of work would entail an appetite for flexibility, investment in digital infrastructure and special focus on securing the digital workplaces.

Also, organisations would increasingly opt for digital and automation technologies to reduce manual intervention and increase efficiency along with other business objectives. With Artificial Intelligence (AI) being the key to diversify human thinking, many global leaders also see AI creating a positive impact on the future of work, ensuring more productive and efficient results.

Many organisations have already implemented automated tele-calling, chatbots, voice assistants, and so on. Furthermore, intelligent automation technologies including robotic process automation, industrial automations, and such are also being adopted.

Cloud-first strategy
Keeping pace with the changing landscape and evolving business needs, India needs to adopt an ‘internet-first’ ‘cloud-first’ strategy. A robust cloud-first strategy will help optimise operations and reduce maintenance costs and downtime. We need to accelerate cloud deployment for speed and agility by hosting public and critical applications on cloud for seamless and secured access for users from any location.

Cloud also helps build and deploy applications in a scalable manner using containers and microservices. It smoothens the implementation of new-age technologies like AI, analytics which help churn insights from large volumes of data, thereby adding a layer of intelligence and automation to the system.

It is important to enable better monitoring and provisioning to ensure enterprise-wide unified monitoring and control of IT infrastructure. Various sectors need to adopt 360-degree digitisation and become truly digital across the entire business ecosystem to ensure seamless operations across all locations. Therefore, there is a need to direct and support organisations to set-up end-to-end security, to manage operations and processes, and to ensure compliance.

The role of Managed Security Service Providers
One of the most effective ways to ensure stronger cloud security is by promoting Managed Security Service Providers (MSSPs). Considering the rising data volume and operational and management complexities, MSSPs are imperative to continuously re-evaluate cloud infrastructure from a security perspective.

MSSPs help organisations to design the right foundation for cloud security supporting organisational transition from the assessment phase, through migration, to daily management. They can also fill in the talent and skill gap.

Cloud adoption: No longer a choice
Essentially, cloud adoption is no longer a choice. Amid the pandemic, it has proven to be more than about cost saving. Cloud has proven its ability to improve productivity, agility, and resilience. Going forth, more and more industries will explore options on the cloud and they feel the need for advance technologies to ensure cloud security.

As we move towards realising the vision of Digital India, most enterprises for business and customer needs would shift to cloud technologies and existing ones would rapidly scale-up due to the growing data volumes and business needs. Securing the cloud would mean securing our businesses and economy, and we need to leave no stone unturned.