It’s believed that the term startup is a fairly nebulous term within the technology industry. There are a lot of opinions around what makes or shapes a startup; but despite varied opinions, the secret lies in an ambition to scale. It’s what separates them – the startups – from your run-of-the-mill local businesses. Think back to the vocabulary often used within the startup ecosystem – blitzscaling, growth hacking, rapid innovation; it sets the foundation for a startup’s ability to scale with pace, albeit also considering factors like market demand and robust business models.
But what is it that runs deeper, at the bedrock? The short answer is cloud technology, and cloud technology underpins business acceleration. It’s almost impossible to talk about scaling without it, more so for an entire generation of startups. In many ways, the cloud has been critical to the growth of new business models and methods of operation.
For example, consider the role of cloud technology in powering the gig economy; it’s epitomized startups, enterprise solutions and the eCommerce boom by facilitating the optimization of flexible working arrangements. Cloud technology also allows for a startup to save on infrastructural costs with IT, enabling the transfer of funds into product and research-led investments. There are employee cost savings to consider as well, with cloud eradicating the need for full-time IT staff. It’s also a safer place to store data.
Interestingly, the rapid growth trajectories of startups often imply shifting IT needs; cloud-driven flexibility ensures that businesses only pay for the resources they use, thereby improving cost efficiencies. Collaboration is another thing to consider. The point is, there’s a lot of praise to write about, enough to cover several articles. But we’re here to talk about the balance, something essential in the long term. You might be familiar with the concept and thought; it’s security.
Why Harmonize Cloud Technology with Security
Opportunity often allows room for threats when left unchecked. Swathes of invaluable data stored in the cloud makes for an attractive target. On top of losing customer faith, there are several detriments to a data breach, none of which require explanation. In recent months alone, we’ve witnessed major companies slapped with fines due to several security-concerned violations.
The Personal Data Protection Commission of Singapore shifted accountability to businesses by dishing the highest penalties ever recorded to several companies in 2019, over healthcare breaches. On the other hand, the Federal Government of Australia proposed an amendment to the Privacy Act, underlining increased penalties of up to 10% of a company’s domestic turnover for privacy breaches.
As threat actors gain on innovation with speed and suave, enterprises must keep pace and avoid letting their guard down with cloud security.
The imperative for a robust cloud security strategy is urgent, to say the least. McAfee’s recent Cloud Adoption and Risk report reiterates that urgency with merely 35% of APAC organizations identifying as able to enforce data loss prevention or DLP. Another stat from the same report highlighted how only 36% of organizations had control over how their data was shared.
With all that, how exactly should a business cover its bases when it comes to security?
Taking a 360° Approach with Cloud Security
Everything begins with culture. It needs to be top down; at the end of the day, security is easily implemented but hardly understood. It’s important for businesses reliant on cloud technology to prioritize education of employees on matters such as potential loopholes, or anything else exploitable. Even with people overseeing IT operations, it’s essential for a business to understand that not all employees may grasp at data security, more so its importance.
From the top down, decision-makers will be required to be strategic when it comes to distributing data access to employees. For example, it makes more sense for data sets to be accessible to essential personnel, with a robust system in place for accountability. From a 360° perspective, the vendor must play a part as well; as much as businesses are responsible for their own cloud security, cloud providers own the responsibility of protecting the integrity of their liable and service also.
Another angle to observe is in understanding which services hold a business’ most sensitive data. By bucketing to priority, it becomes possible to extend DLP policies to those services, or at least build them in the cloud. From a software point of view, businesses must focus on their DevOps teams as well, to manage and stay ahead of misconfigurations and avoid the possibility of a breach.
It’s said that you cannot go on the offensive without an impressive defensive arsenal. Ensure visibility of malware, root out infected accounts to eradicate the existence of a backdoor to your data. The numbers prove that being intricate matters. According to the same McAfee report, businesses are 35% more likely to launch new products, expand into new markets, and are also faster to market when using a Cloud Access Security Broker (CASB) to protect their data.
At the end of the day, be it booking a cab, ordering food on applications, or shopping for gifts on ePlatforms, the cloud has become one of the most revolutionary technologies of this generation. It’s been transformative, to say the least. There’s no doubt that it will continue to be an indispensable tool for brands and businesses worldwide. But it’s also important to remember the value of balancing business acceleration with security. That’s the only route to an all-encompassing approach to implementing cloud technology.
Rakesh Sankar
He can be reached at s.rakesh@globaledgesoft.com.
