Comunet Blog

At Comunet, we love technology.  More than that, we love helping clients use technology to build their businesses.   

For over 20 years we have been helping our clients define, design and implement IT strategies that suit their business needs - from small through to enterprise-sized organisations.  With expertise across all areas of IT including strategic consulting, cloud technology, software and application development as well as infrastructure  and managed services - we aim to help clients on a digital transformation journey that aligns to their strategic needs

Based in Adelaide, let us help your business stay ahead of the competition by giving you access to world class, best of breed technology providers - all delivered locally.

Myth Busting Cloud Security - It's all about Risk Management.

Jul 09 2018

Almost 6 months into leading the teams at Comunet, I’ve had quite a few people ask me what is the biggest surprise or challenge that I’ve come across.

Perhaps it's not surprising that the it’s been dealing with the common misconception that “the cloud” is less secure than on-premises solutions – which is exacerbated by the ambiguity that exists in many organisations around cloud computing in general.

Cloud computing has now been around long enough to no longer be a fad, and the statistics around cloud use and security incidents leave little room for debate on the fact that, configured correctly, Cloud Services (such as those provided by Microsoft or AWS) are more secure than on-premises solutions.

A 2017 report by Alert Logic covers an 18 month period and presents clear data on the number of security incidents in its researched organisation’s environments. 

Average per-customer security incident count. (Source: Alert Logic/2017 Cloud Security Report)

Why do On-Premises and Hybrid solutions present a higher IT security risk? 

From our perspective, it’s based on IT security being primarily grouped into two factors - physical and virtual security.   

In all environments except Public Cloud, both physical and virtual security must be understood, architected and maintained by IT staff. IT team profiles are regularly profiled as being time poor, challenged by budgets and not able to keep up with the training required to stay ahead of the curve on all elements of IT.

By moving to Public Cloud, organisations are able to outsource the physical security elements, while maintaining responsibility and control of their virtual IT security architecture include policies, data protection, user access, networks and their software.

Yes, you would hand over physical security, but you are almost certainly doing this to an organisation better-equipped to manage these environments.

This is represented by AWS in their ‘Shared Responsibility Model’ where they define their responsibility as “Security of the Cloud”, with organisations only need to focus on “Security in the Cloud” – which is the same virtual security practises they need to have in on-premise environments today.AWS Shared Responsibility Model

The Scout Motto – “Be Prepared”.

Gartner’s research analysts predict that In 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.1
In summary, it’s important to remember that your workloads are not secure by default, in cloud or on-premises. Your team (or IT partners) must understand the shared responsibility models with each Cloud provider.

By leveraging the tried, tested and certified physical security of Public Cloud providers – you will not only have an environment which is ‘as secure’ as your own, but will find that you can surpass anything you can achieve in-house.

If you’d like to have a conversation around cloud, security or any other IT risk related items – we’d love to talk to you.
Alexei Fey

1 (