Why the Cloud is scoring on security

When it comes to switching to the cloud, security no longer needs to be an obstacle. With comprehensive security concepts and massive investments in IT security, cloud providers are now more secure than the infrastructure of many companies. If the in-house security concept is solid, too, cloud users can achieve an even higher level of security with disaster recovery-as-a-service or AI-based services for cyber security.

With the coronavirus forcing people to work from home, many companies are increasingly turning to cloud technologies. Once they take this first step, it’s not long before they’re interested in using the cloud for other applications, too. Managed services render a business more flexible in times of crisis – geo-redundant cloud environments are designed with this in mind. If IT staff are absent due to an illness or lockdown situation, other locations can take over and keep business running.

According to the “Cloud Security 2019” study performed by IDG Research, more and more IT directors estimate that their companies face more security problems in-house than in the cloud. 18.4% of the 350 survey participants indicated that data availability was the biggest advantage of the cloud, while 12% cited the superior data protection and secure data centers. The cloud security available through providers also received positive feedback. 51.6% of companies, by far the largest contingent, rely on Microsoft Azure as their computing platform. Azure users also reported the highest rates of customer satisfaction. One third of the CIOs and IT decision-makers surveyed reported that cloud provider certifications were especially important to them. With over 90 international compliance certifications specific to various countries and industries, Azure tops the list in this area.

German companies require high security. That’s another reason why many companies are opting to store their data in GDPR-compliant German or European cloud computing centers.  This way, they avoid suddenly finding their own data subject to a different set of legislation, e.g. if it’s stored on servers located on another continent. Providers like Microsoft use private-key encryption and confidential computing to ensure that cloud operators cannot view the data. There also has to be a clear commitment to IP protection on the part of the provider, e.g. when a company develops their own cloud-based AI or analysis applications.

Disaster recovery (the recovery of data and systems in case of a problem) is especially challenging for SMEs. That’s why fixed-price disaster recovery as a service (DRaaS) from the cloud provider can boost data security and system availability.

Increasingly, providers are also offering security services that utilize cutting-edge, AI-based monitoring solutions to protect against cyber-attacks and support comprehensive security concepts with central security control stations. The use of such security operation centers (SOC) is a growing trend. However, developing a SOC in which specialists from all different areas form “security incident response teams” is too big a project for an individual company. So systems are continuously monitored and checked for weak-points using specialized analysis tools, e.g. for intrusion detection: In this case, only “as-a-service” solutions would be cost-effective. 

For years now, cloud providers have focused heavily on security, frankly because their success depends on it. However, a large part of the responsibility remains with the business itself. A cloud strategy is therefore only as good as the in-house security concept. That means that companies have to clearly identify which data requires the most protection, where it is located and who is allowed to access it in accordance with compliance regulations. 

This is where the issue of access and permissions management takes on special importance. Companies already using MS Active Directory Services have a home field advantage. The access protection tool makes it easier to transition to the cloud. In a new IT security concept, user identity can be extended beyond the borders of the company. In practice, hybrid and multi-cloud environments are gaining in popularity. Market analysts agree – conventional IT security concepts are on their way out. Instead, all areas of company IT, both on-premises, in private and public clouds, must be comprehensively protected.

Want to know how your business can safely take advantage of the cloud? 

Sign up now for our free webinar “Why now is the best time to take your IT infrastructure to the Microsoft Cloud!” , Thursday 25th of June at 11 am. We will tell you what a professional migration concept should look like and which processes to transfer to the cloud first. 

Don't have time? 

Our white paper “The Key to a successful Cloud Migration” is a good place to start. Here you will find out, when it is worth starting, how to do it cost-effectively and much more.