Learning from Evolve.Cloud

The Evolve.Cloud conference in Sydney concluded with a number of take-home lessons for attendees—starting with consumerisation.

Dave Asprey, VP Cloud Security at Trend Micro, talked at length about the changing landscape of mobile devices and the integration of consumer-based products into the workplace. Inevitably, he said, new consumer technology spreads to the office, where it can become a challenge for IT, particularly in relation to security. The problem, he noted, isn't just that these devices can open entry points to the network, but that employees can disseminate potentially sensitive information, for example through social networking services.

Part of the reason for this, he says, is that people live their lives through their smartphones, tablets, and laptops and using services like Facebook, Twitter and Gmail. Often these gadgets do double-duty as work and personal devices, so it's not realistic or even desirable to limit the use of them in the workplace.

The solution, according to Asprey, is to secure the devices and secure the cloud services they use, with, of course, products like those offered by Trend Micro. For Mark McWilliams of Datacom, he imparts the wisdom that moving to the cloud will make you vulnerable, but—with total security an impossibility—the secret is in implementing enough security to make it not worth a hacker's time to get at your data.

He also noted that, importantly (and perhaps obviously) anything stored in the cloud should be encrypted. This way, regardless of whether there’s a breach by hackers or even accessing of your data through legal means (such as with the US Patriot Act for example) it remains safe. The encrypted data may be accessed, but as long as only your company has the keys to decrypt it, it will be nigh impossible to be breached.

John Sheridan, First Assistant Secretary Agency Services, AGIMO, says to think about Australian industry and data sovereignty—if data is hosted overseas, what are the rules of other governments? What rights would you retain with respect to preserving access and security of your data should a foreign power want to intervene? While this may be somewhat less complex if using Australian-based cloud services, by their nature, storage centres for clouds can often be global.

Finally Michael Barnes, Vice President and Principal Analyst APAC at Forrester Research Group, noted that transition to the cloud is inevitable for many companies, and that ultimately IT departments are going to be in competition with third-party providers. Depending on the business, this means for IT to retain control it's going to need to provide services faster and better than external providers. If this isn't a possibility, then IT needs to be prepared to move from a service-based resource to a management one, responsible for dealing with third-party providers.

Ultimately cloud services are increasingly becoming a part of the business landscape, but the degree to which they are utilised and the sometimes murky waters around access and ownership of data remain important considerations for companies looking at making a transition.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

More about APACDatacomDatacometworkEvolveFacebookForrester ResearchTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ashton Mills

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts