There is no mistaking the acceleration in adoption of cloud services. Tech giants including Microsoft, Google, IBM, Amazon promote not just ‘Cloud First’ but ‘Cloud Only’ strategies. But what does it mean in practice?
As Microsoft Ireland’s Cloud Productivity Partner of the Year 2017, Ergo, hopes to bring clarity to things. Not only is it offering infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS), but it also works with businesses to assess migration needs and understand the economics of cloud usage as well as managing cloud operations.
The advantages are real; take infrastructure as a service.
Microsoft provides the physical compute, storage and interconnectivity and you build your servers—application servers, database servers, web services—and run your workload on top of this.
"In a hybrid environment with an on-premise VMware install you can have your VM working there and copies running on [Microsoft] Azure. It’s great for development, for example. Even in Ergo, we have our developers saying to us ‘I need to spin-up a testbed server’; or if you have a service that’s prone to service spikes, like seasonal service spikes in retail, it’s great. In both cases it means you can expand and scale quickly without capital costs, and then spin down when you no longer need them.
Removing the need to invest in on-premise hardware isn’t the only benefit, however. Other benefits include ease of licensing, ease of patching and better deployment of IT resources.
"With platform as a service, you can get a service such as SQL. You could get infrastructure and build SQL servers, or you can buy SQL as a service. Its ready performance tuned, highly available and replicated across various servers in the background. This also eases licensing, which can be very complicated. When it comes to software as a service, for us it is primarily Office 365: Exchange, SharePoint, Skype for Business, Yammer and so on. Everything it sits on is provisioned in the cloud. With Office 365 Microsoft is more than committed to upgrades. Everything is kept to an ‘n minus-one’ supportability. You can allow it to automatically update, or you can manage and control it, but it’s a real step forward for security and patching."
In addition, in recent years security as a whole has become more germane to every organisation: the threat of hacking has grown exponentially, and compliance is more important than ever, not least because of 2018’s looming implementation of the EU general data protection regulation (GDPR).
Dealing with this can be a Sisyphean task, but Ergo has developed a cloud-based strategy to promote both security and compliance.
"We align with CSC20 controls."
This does not just mean setting up and managing technical solutions, though.
"The controls range across the organisation from physical hardware to the organisational policies and compliance requirements. We assess you on these controls."
Given that most businesses are not primarily an IT business, moving security and compliance out to a service provider makes sense especially as there are lingering fears about the cloud. The problem is, says Blanche, all businesses are already in the cloud: via so-called ‘shadow IT’.
"If you don’t do anything you’re whistling past the graveyard—and you’re going to get hanged."
With this in mind, Ergo has translated the CSC20 controls into a set of steps and a gap analysis assessments.
"However, even in those sectors security and compliance can be a hard sell. It still seems to be that unless you’ve been hurt, it’s not always a top priority."
Blanche says that one issue is that while technical solutions—firewalls, inter alia—have improved, breaches now tend to come through lax access and identity controls. In addition, what hackers do when they get in has also changed: as hacking has developed from a pastime to a criminal industry, breaches no longer announce themselves.
"Abuse ransomware, hacks, it is so prevalent out there. It is literally inevitable. The amount of attacks that you see on managed firewalls from eastern Europe, the far East, South America and so on, is shocking. The hackers don’t flag attacks anymore."
"Whether it is infrastructure, software, platform or security, the cloud is here to stay, and one important reason for this is that it allows for IT staff to be deployed on higher value things. Most industry analysts think the future is hybrid, which is likely to be the case as people may want to keep some things—say payroll—on-premises, but are better off purchasing other things as a service. Freed of the need to keep servers running, an IT department making use of cloud services can then go on to contribute to a business’ bottom line, something that is essential in a rapidly changing business environment."
"If you’re not in that disruptive space, you going to be disrupted. You’re either one or the other. You don’t want IT staff checking that this box in the corner is working or ordering disks. Businesses need to have a cloud strategy that includes both security and compliance at its core. We have a proven track record and a portfolio of clients across public, private and hybrid that we have successfully implemented cloud-based strategies for. Accelerating their digital transformation journey in a safe and secure way."
The speed of digital adoption has been such that we really haven’t previously seen such a drastic cultural...Read now
Market research shows that outsourcing continues to grow, no doubt helped by the proliferation of cloud services that offer new...Read now