There are a lot of big decisions and potential risks that go hand in hand with cloud migration.
Typically, an organisation needs to determine whether their most critical applications would perform effectively in the cloud, or if performance, latency, and security requirements mean they need to remain in a traditional on-premise datacentre. Or what additional steps would need to be taken to store compliance-heavy data in a shared environment?
Then there’s the visibility question. Will your SIEM platform also be able to correlate event information originating in the cloud with enterprise data to give you the full picture in real-time?
Sharing is caring as they say. But not when you could be putting your business’ essential compute workloads into technology shared with countless other businesses where if one suffers a breach or DDoS attack, their neighbouring cloud-hosted workloads also suffer.
So what factors should you consider and how do you ensure your service level agreement meets your security, speed and compliancy needs?
“On premise we’re able to control our security ourselves, very well” said Simon Leech, Chief Technologist, Security – Hybrid IT at Hewlett Packard Enterprise. “It’s important to take an approach to protecting that information that focuses much more about the security of the information as opposed to the security of the infrastructure. We refer to that as data-centric security.”
Listen to the podcast:
Read Simon’s blog post about due diligence in the cloud here.