DataCenterNews Asia Pacific - Specialist news for cloud & data center decision-makers
Story image
Exclusive interview: TmaxSoft on protecting your assets in a hybrid cloud world
Tue, 31st Oct 2017
FYI, this story is more than a year old

Gartner predicts that the Asia-Pacific (APAC) public cloud market will grow at 17.7% in 2017, compared to a total $10 billion compared to last year.

And by 2019 – this number is expected to reach $13.6 billion with APAC countries such as Singapore, Hong Kong and Australia leading the way.

These are two findings David Kim uses to illustrate the state of APAC's cloud security landscape during an exclusive interview with TechDay.

Kim, the managing director, SEA, of TmaxSoft, says that cloud computing has transformed today's IT infrastructure, with adoption in Asia Pacific (AP) on the rise.

“Companies that try to stay relevant and competitive are migrating to cloud and see it as a stepping stone to elevate organizations to reach business goals.

“Traditional and data-sensitive industries such as banks, telecommunication providers are considering moving its operations to the cloud to remain agile and cost effective.

However, despite the benefits cloud has to offer, Kim says, “a fair number of businesses in Asia remain hesitant to jump onto the bandwagon, citing security to be a primary reason.

Among the cloud hype, Kim predicts the emergence of hybrid cloud will be a game changer for CIOs.

“The hybrid cloud model is reliable, fast and secure that reinforces digital momentum. Research firm IDC predicts that more than 65% of enterprise IT organizations in APJ will commit to hybrid cloud architectures by the end of this year.

Kim says that in 2018 we will notice more businesses adopting hybrid cloud and working with service providers and system integrators to create hybrid environments.

In this exclusive interview, Kim discusses the future of the hybrid cloud marketplace in APAC, how cloud security in hindering cloud adoption in this region, and he shares his top cloud security tips for APAC enterprises.

What are some of the common cloud security threats today?

As organizations now embrace digital transformation and turn to technologies such as cloud, it becomes an attractive target for cybercriminals.

Enterprises are seen placing cloud security as a top priority in their business strategy, enabling better performance with minimized risk, driving tangible business value.

Security threats for enterprises on cloud mainly come from two sources, one is virtualization, using hypervisor and the other one is the outsourcing model of cloud services.

Hypervisor or a virtual machine monitor is a relatively new potential cloud risk that runs on one or more virtual machine, making it a primary target to vulnerabilities.

Other cloud security threats include data breaches, especially for data-sensitive industries such as healthcare and financial information.

Organizations that deploy cloud technologies without adequate understanding of the operating environments, could lead to higher exposure to various types of risks such as compliance, financial and technical risks.

Cybercriminals may use the cloud as a platform to support other hacking activities such as phishing attempts and DDoS attacks by using cloud resources to break encryption keys.

For systems and devices that are connected to the cloud, they could be even more vulnerable to malware.

While cloud provides convenience to users with always-on access capability, it could put data at risk without sound endpoint protection and open ports awareness.

Is increased adoption of encryption best means to protecting data?

Without a doubt, encryption is considered as one of the best ways to protect data in today's world and ultimately, it's the responsibility of every organization to ensure the encrypted keys are well protected.

Encryption adds several protective layers to a file to make the contents unreadable without a password, or other background keys and account privileges for example.

We at TmaxSoft take pride in providing resource efficient RDBMS solution that provides the highest security database encryption, that scales easily and conforms to today's cost optimised cloud architectures and is compatible with the legacy vendors' database products offering minimal disruption to their business.

In addition, limiting to a number of authorised people to access the data systems can help minimize the potentials of data breaches.

In terms of an increase in adoption of hybrid cloud strategies today, how much of a concern is security when data is held in more than one type of cloud? Is security even further compromised and a bigger challenge?

Cloud computing and digital infrastructure allow companies to stretch boundaries and reach new levels.

For organizations embarking on this modernization journey, there is an opportunity to look at solutions that help them take advantage of more agile and affordable infrastructures.

Security has always been a constant concern for most of our enterprises today when it comes to flexible cloud adoption strategy.

We at TmaxSoft, are vendor neutral and collaborate with well-known entities to offer all kind of cloud offering such as public, private, hybrid and community cloud for our enterprises.

Fast-moving trends such as big data, hybrid/cloud data management, and the IoT–all offering agility, speed, scaling and high-impact business outcomes–enable incredible amount of strategic and tactical decision-making capabilities.

However, many legacy mainframe architectures are unable to support the demands of applications that support digital business, and they can pose serious headaches for businesses with sluggish and inert technologies looking to remain competitive and agile.

We work with CIOs around the world to offer them viable alternatives for modernizing their infrastructures to support the new demands of digital business.

What are your tips for enterprises wanting to adopt strong cloud security practices?

To ensure the data and assets in the cloud environments are being stored securely, enterprises can work with their security teams on how to implement the best cloud security practices.

First, educate and train your developers on cloud security processes and policies is important.

Discuss the challenges that the organization is facing in terms of cloud security, how to share the responsibility of the security issues and what solutions can be used to address these challenges.

Second, limit cloud access control strictly such as who can access the cloud resources, how they can access and what resources should put into the cloud.

Finally, adopting tools that can help automate security process and track and monitor workloads.

How does an enterprise ensure that their cloud service providers or partners are trustworthy in terms of cloud security?

As more applications move to cloud computing and digital infrastructure, it becomes imperative for businesses to stretch boundaries and reach new levels.

TmaxSoft's aim for 2018 will be to support businesses to take advantage of this fast-moving trend and offer them viable alternatives for modernizing their infrastructures to support the new demands of digital business and covert all legacy systems to the cloud.

As legacy vendors monopolized the industry in the past, the changing dynamics with customer's preference for alternative players like us has created a more symbiotic and competitive ecosystem.

We will continue to be at the forefront to provide our customers and partners with competitive and secure solutions.

With an expanded regional team in Asia Pacific, we aim to capitalize on the evolving database industry in the coming year as public and private clouds and security represent an area of great growth and long-term promise for the industry.