11:45 AM
Is Compliance Preventing the Cloud From Reaching Its True Potential?
Innovation has become a board-level priority for all forward-thinking businesses over recent years, and IT security certainly has a central role to play. You might think that businesses operating in crowded markets and uncertain economic times would stick with the security practices they know and trust. But that line of old-fashioned thinking carries its own risks.
Security is now an essential component of true business innovation. Business leaders understandably fear being left behind and unable to take advantage of new technology platforms such as the cloud, while rivals develop and create fresh market opportunities. Ambitious businesses must not be dissuaded from experimenting with new technologies due to fears of lack of control over data protection and compliance. Indeed, they must embrace security as integral to the innovation discussion and not an obstruction, if they are to thrive and stay ahead of their competitors.
The fact that many businesses are faced with a constantly evolving and disruptive landscape impairs decisions over whether to adopt innovative technology models. Consciously or otherwise, prior experiences of data security challenges inevitably influence business decisions over how to reengineer or grow an enterprise to be more competitive. However all industries benefit from the free flow of data, and this is just one area in which innovative security practices and processes can really help businesses to retain and expand their client bases in new and exciting ways.
The most enticing avenue for business and technology innovation in recent times is certainly the question of cloud adoption. Despite early-adopter concerns over relinquishing control of data protection, these fears have proved unfounded. The cloud has typically transformed the ways in which businesses collaborate and deliver services to customers across the world. It continues to reduce the crippling overheads of infrastructure, increase flexibility, improve agility, and lower operating costs.
It does, however, seem that compliance is preventing the cloud from reaching its true potential, creating headaches for many IT professionals waiting to make their move. Objectively, it feels to them that, while the cloud wants to propel a business forward, compliance seeks to restrain it. Indeed a recent research report commissioned by NTT Com Security found that 86 percent still admit issues around data protection, legislation, and regulation are responsible for their slow adoption of cloud computing. So how should businesses overcome these hurdles and embrace innovation?
Increasingly complex data laws certainly do not help organizations striving to become more agile, efficient, and competitive using the cloud. Ultimately, data protection remains the responsibility of the business owner regardless of location, and not a third-party cloud provider. Yes, compliance often improves business and corporate governance, as well as providing direction for risk management. It also helps businesses to understand what the risks are and what processes and measures are in place to protect themselves. But those businesses also need to look further forward and work more flexibly with businesses and governments in this age of the cloud.
It is more important than ever for IT departments to invest in, develop, and enforce the most relevant skills and competencies for cloud adoption. A lack of understanding is putting individuals off from specializing in the cloud, despite its exponential growth. Businesses must understand the cloud better -- and the same applies for cloud providers that need to embed security into their services. Ensuring good security is a fundamental requirement of giving organizations the confidence and ability to adopt cloud services. It's time for businesses to go back to basics and stop trying to apply risk controls and regulations to a cloud business model that they don't truly understand. The priority must be to learn new skills first and, only once armed with the right knowledge, explore innovative technologies confident that this will improve business operations while also providing controls to manage risk.
What is clear is that in accordance with the law, the rise in adoption of cloud services and the increase in both security and compliance skills go hand-in-hand. Sound knowledge of security and risk management should be at the top of every organization’s cloud skills wish list. Perhaps innovation and compliance haven’t traditionally gone together, but, with the right methodical approach, they can help businesses to work without constraints, adopt the benefits of the cloud, and also protect their critical assets without the threat of hefty compliance fines.
Michael Gabriel is Director of Data Protection Practice at NTT Com Security. Michael Gabriel is an industry recognized expert in the field of data protection. In his role as a trusted security advisor with a global security consulting firm, Michael provides security ... View Full Bio