Is your enterprise fully in the cloud or working from a mixture of software-as-a-service and on-premises solutions?
For many Australian organisations, it’s the latter. They’re halfway there and livin’ on a prayer, as Bon Jovi memorably put it back in 1986; running hybrid environments comprising a blend of off and on-premises systems.
The benefits promised by cloud – agility and economy – are key to competitiveness in the digital era but the transition process is often more complex and protracted than anticipated.
Managing cybersecurity in the interim can be complicated, without a robust IT identity platform.
Cloud head first?
Investment in the as-a-service computing model has soared in recent times, with 2018 spending on public cloud services expected to reach $4.6 billion in Australia, according to Gartner. The same research report from Gartner cites that software-as-a-service comprises the bulk of the spend, at $2.597 billion, while platform-as-a-service and infrastructure-as-a-service accounts for a more modest $253 million and $536 million respectively.
At least one third of Australian businesses now use commercial cloud computing services. The majority of those at the bigger end of town, according to the Australian Bureau of Statistics.
The hard to manage hybrid
Wholesale shifts from on-premises to in the cloud are the exception, rather than the rule. It’s more common for organisations to dip a toe or a foot in the water before going all in. Customised, business critical applications are still running in-house in many Australian organisations, via either the data centre or private cloud, alongside SaaS offerings from new and existing suppliers.
Managing cybersecurity is not an easy undertaking when apps and data are stretched across a disparate array of infrastructure and networks. In many instances, it’s not a short-term challenge either. Determining the optimum cloud architecture for an enterprise’s unique business requirements in a rapidly changing commercial landscape and then putting it in place can take months and years.
While enterprises grapple with the challenges of digital transformation and the shift to the cloud, threats posed by hackers and cyber-criminals continue to heighten.
Early in 2018, Cert Australia noted malicious cyber-activity against Australian organisations was continuing to increase in frequency, scale, sophistication and severity.
The reach and diversity of adversaries is also expanding as hackers and cyber-criminals continue to explore innovative ways to infiltrate government and private networks.
Meanwhile, beefed up data protection regimes, at home and abroad, have made privacy breaches a potentially pricey business and comprehensive security measures across the enterprise a more vital investment than ever.
February 2018 saw the introduction of new laws requiring Australian businesses with annual turnover in excess of $3 million to notify their customers and the Office of the Information Commissioner within 30 days of a suspected data breach. Companies which don’t comply, or fail to remediate adequately, may be hit with fines of up to $1.8 million.
Further afield, the EU’s GDPR legislation, in force since May 2018, gives enterprises just three days to report and remediate breaches. Serious non-compliers can be slapped with fines of up to 20 million Euros or four per cent of global turnover, whichever is greater.
A robust hybrid IT identity platform designed to enable enterprise transitions can make the shift to the cloud smoother and safer. It can be leveraged to connect users with applications, regardless of where identities are stored and applications reside.
With a robust system of protection in place which can straddle both off and on-premises infrastructure, Australian organisations are better positioned to pursue a move to the cloud with confidence, regardless of the route they take.