Josh Davis
Josh Davis
Nov. 20, 2015

Lame Excuse #142: “The Cloud isn’t secure enough.”

You are the IT leader in your organization.  You’ve weathered the cutbacks of 2002 and staffing adjustments in 2009.  You are a gnarled veteran of seemingly endless budget cuts and layoffs.  And now you’re being asked to evaluate Cloud options for new services.  Can’t anyone see that trying to just keep the wheels on has become a day-in-day-out grind?

Unfortunately, your role has become the standard for most companies outside of the Fortune 1000.  There’s no time to think strategically – only tactically.  If you think you’re not “that guy”, take a look at your to-do list… same as it was Monday morning, and now it’s Friday evening.

Worse, your challenge now is to slow the flood of requests for new services long enough to do a little more than a Google search of Gartner Magic Quadrants!  And then it hits you – information security has written the latest cautionary tale for Cloud apps. Stop the press!

Do you feel safer putting your money in your mattress or in the bank?

Banking costs a little more, but you know, when everyone pays a little bit, services become better and more affordable.  The same is true with the cloud.

Sure, the Cloud is more expensive than buying a server. In the Cloud, you get a LOT more than just CPU’s, memory, storage, and power. You also get a worry-free, stable yet current environment… not to mention a secure one.

money under matress

Security is a priority to Cloud providers.  The products and people responsible for managing the environment are a priority as well, but they manage thousands of systems to a high standard in a data center that few could dream of, much less afford.

For most of us, this is a much more secure environment than we would have created for ourselves.  In fact, this is often a more secure environment than we could afford to provide ourselves with.

And if you’re thinking your on-prem environment is secure enough, ask yourself…

  1. Do you have staff dedicated 24/7 to security – monitoring and responding to threats?
  2. Do you have a current threat matrix?
  3. Is your Security Plan reviewed on a regular basis?
  4. Does your Security Plan include a communication plan?
  5. Do you test your Security Plan regularly?
cloud

Not all on-prem security is bad, and not all Cloud security is good. You’ll likely find that a blend of on-prem, hybrid, and public is part of overall total solution.

And by the way, you already know not every Cloud provider offers an exceptional level of security.  So how do you tell who is most secure?

Put your vendors to work for you. Let them do your research and cost comparisons. Let them tell you where their competition is weak. Trust me – two or more vendors doing your research can be a great time-saver.  Give them tasks with specific deadlines.  You may be surprised.

So, I’ll spare you from reading my next blog…

Lame Excuse #143.  The Cloud isn’t compliant enough.