dcn-as logo
Story image

Three common pitfalls to avoid as pandemic accelerates Australian cloud adoption 

28 Jul 2020

Article by Nutanix A/NZ director systems engineering Tim Hartman.

COVID-19 changed everything. For Australian businesses, the need to rapidly implement wide-scale remote working strategies led to the swift acceleration of digital transformation efforts and the increased uptake of cloud technologies. 

According to Telsyte, Australian organisations will spend more than $1 billion on Infrastructure-as-a-Service this year as they adapt their operations in response to the pandemic. This represents a year-on-year increase of 23 per cent with much of the investment going towards the global hyperscale cloud providers.

It is understandable in the circumstances that so many businesses would turn to these solutions in the short-term, but organisations must now consider how they will harness these investments for the long-term – whilst mitigating against ever increasing risks.

Below are three of the key risks involved with cloud computing, as well as strategies for how to mitigate against them.     

Unauthorised access to data 

In June this year, Prime Minister Scott Morrison made the unprecedented announcement that a foreign government was escalating malicious cyber-attacks against Australian businesses, government agencies, and critical infrastructure. Further, the Australian Cyber Security Centre reported an increase in cyber-attacks in the wake of COVID-19 and the rise of remote working. 

Whether the attacker is a sophisticated state actor seeking intelligence, or a cybercriminal looking to make money by exploiting employee and customer data, breach strategies typically evolve at a much faster rate than security defences – and IT teams are faced with the almost impossible challenge of keeping up.

Cloud service providers host data from thousands upon thousands of businesses, concentrating risk to a single point of failure; one successful attack could represent an enormous pay off for attackers. In fact, last year the ‘Cloud Hopper’ attack campaign targeted Managed Service Providers specifically for this reason.  

And it is not just outsiders. Employees – or insider threats – can also seek to gain unauthorised access to your data. The act of migrating data storage to a third party also means that trust is shifted to their staff – and the vendors they outsource to – to do the right thing.

Mitigation strategy: There are three key ways to minimise the risk of unauthorised data access. First, do your research and only work with providers who have a proven track record. Second, encrypt your data. Data encryption at rest ensures data remains secure in the event of unauthorised access. Finally, maintain security best practices. Simple things like using strong passwords and enabling multi-factor authentication have an outsized impact on securing your data. 

Over-complicating your cloud network 

Technology is advancing quickly, and it can be difficult to keep track of the breadth of available options. It is therefore little surprise that 85% of businesses we recently surveyed reported that hybrid cloud was their ideal operating model. 

According to Telsyte, Australian organisations have on average four different cloud providers. Those without a business-wide digital strategy are likely to have even more. The risk of this approach, however, is over-complication; as a network’s complexity increases, so too does the cost of maintaining it.

Mitigation strategy: Automating the management and monitoring of multiple cloud environments can greatly simplify maintenance – both in terms of cost and the operational experience. This can be achieved by creating an abstraction layer between complex systems and those who use them, as well as ensuring you have an up-to-date business-wide digital strategy fit for today. 

Running afoul of compliance and legal requirements 

Depending on the industry your business operates in, you may be subject to certain regulations around data storage and security. Healthcare, financial services, and government have certain compliance requirements they must meet, while any organisation that accepts credit card payment must compliant with PCI standards to safeguard customer data.
When outsourcing the processing or storage of any data subject to regulation, a business is relying on a third-party provider to maintain compliance. Should a breach occur against a cloud storage provider, the business may be liable.

Mitigation strategy: It is critical to understand compliance requirements and responsibilities around data before engaging any third-party provider. Cloud storage is a hugely beneficial technology – but it isn’t for all organisations, or for that matter, all types of data. 

Ultimately, with a considered approach to cloud, many of the pitfalls can be avoided and businesses can reap the benefits of increased efficiency, reduced costs, and improved productivity. However, it’s important to be aware of the risks and understand that when it comes to sensitive and business-critical data, there’s a place for everything and everything should be within its place.  

Link image
On 10 December, find out how data centers will fare in the face of climate change
From pandemic disruption to the urgency to address climate change, data center development in Asia Pacific needs to remain resilient and sustainable. On 10 December, join this webinar to learn about viable solutions data center operators can use to overcome environmental challenges. Register now.More
Story image
Equinix accelerates new data centre development with US$144m investment
"The SG5 IBX data centre aims to create more opportunities for enterprises in the region to build a strong digital foundation, enabling them to develop into the digital leaders of tomorrow.” More
Story image
Tabcorp advances operations with Teradata AWS solution
Teradata has worked closely with Tabcorp to successfully migrate Tabcorp's legacy Oracle on-premises data warehouse onto Vantage, creating a new Tabcorp Data Warehouse (TDW) in the cloud on AWS. More
Story image
Webinar: The future of data centres in the face of climate change
Digital Realty has today announced a webinar based on its recent report exploring the role of data centres within the climate change debate, and will explore the viable solutions available to help data centre operators fight the rising tide of environmental challenges.More
Story image
How memory failure prediction keeps data centers and the digital economy up and running
The data center, now rightly classified by governments worldwide as essential critical infrastructure, has become for business and society what oxygen is for the ultramarathon runner, writes Intel general manager of data center management solutions Jeff Klaus.More
Story image
Dell updates data protection/management solutions
PowerProtect DP series is an integrated data protection appliance, offering a range of capabilities to protect and manage data.More