We’re all familiar with a few urban myths in culture – from ‘Loch Ness’ to ghost tales, there are an array of stories people claim to be true, but rarely have any evidence to back them up. These often entertaining, urban myths, receive undue credibility, to the point where the myth becomes an accepted fact. Sadly, modern-day IT is no stranger to this phenomenon, with IT users falling victim to misconceptions about the cloud and how safe their data is.
What are the three misconceptions about the cloud?
Cloud-based technology is sweeping the security industry because of its advanced abilities and unparalleled convenience. And as flexible and hybrid working environments are now the norm, reliance on the cloud is only set to grow even more. Miscommunication and misunderstanding about how the cloud works can mislead tech leaders in how they deploy their IT infrastructure, maximise business benefits and minimise security risks.
These misconceptions will continue to put businesses at risk, until IT leaders are able to fully understand the capabilities of the cloud. What are the myths and how can we debunk them?
The cloud is easier to manage
Managing a single cloud-based application may be simple. But interacting with several dozen applications in a multi-cloud environment is not, and once businesses start managing a variety of monitoring tools and security consoles, the job can become overwhelming.
Veritas found that Australian businesses are losing critical data, such as customer orders and financial data, because office workers are too scared or too embarrassed to report data loss or ransomware issues when using cloud applications, such as Microsoft Office 365.
Veritas also found that 50 percent of office workers have accidentally deleted shared data (such as Word documents, presentations or spreadsheets) with almost 14% doing so multiple times per week. This equates to the average office worker causing the loss of 24 documents in the last year, reflecting the scale of the problem impacting cloud applications.
Without careful planning and the right tools, companies may end up spending more time managing their cloud infrastructure than they do running real workloads on it.
Similarly, the cloud complicates digital compliance. There’s more information – including sensitive and business-critical company data – than ever, being shared through an unprecedented number of cloud-based applications including Zoom and Microsoft Teams.
This increases productivity, as well as both risk and digital compliance complexity, unless IT leaders in the organization have the ability to manage this new and growing data set.
Your data is inherently safer in the cloud
Another misconception is that firms and employees believe cloud providers who host their files are responsible for the protection of that data and can restore it in the event it gets lost.
In fact, nearly all Aussie employees (92%) thought their cloud provider would be able to restore their files for them, either from a cloud copy, their ‘deleted items’ folder or a backup. And almost half of office workers think data in the cloud is safer from ransomware, because they assume their cloud providers are protecting it from the malware they might introduce.
These are incorrect assumptions. Storing data in the cloud doesn’t make it safe, it still requires strong data protection. Cloud security is a shared responsibility between the provider and the consumer. Most cloud providers only provide guarantee of resiliency of their service, they do not provide guarantees that a client using their service will have their data protected.
In fact, many go as far as to have shared-responsibly models in their terms and conditions, which make it clear that the customer’s data is their responsibility to protect.
CIOs should not assume that cloud providers are not secure, but should also not assume that they are. As security levels of cloud providers vary, it’s critical to assess actual capabilities, the provider’s capabilities and hold both to reasonable standards.
One cloud fits all
It’s true that consolidating your number of cloud providers can sometimes improve cost management, reduce complexity and close security gaps. However, it is worth noting that cloud services are broad and span multiple levels, models, scopes and applications – meaning a cloud strategy must be able to accommodate the use of multiple cloud services.
The benefits of a multi-cloud approach include agility, scalability and redundancy. Not to mention that it’s often necessary for global companies dealing with local data privacy laws. That’s why today’s enterprise infrastructures increasingly include local on-premises resources along with hosted services from more than one public cloud service provider.
On the flip side, too much complexity in cloud architectures can have a significant impact on a business’s ability to recover following a ransomware attack, according to our research:
- Forty-one percent of Australian businesses with fewer than five cloud providers in their infrastructure saw their business operations disrupted by less than one day.
- Sixty-seven percent of the over-20s took 5 to 10 days to get back on track, with just seven percent of the under-fives having to wait so long.
Cloud tech is transformative, and most businesses rely on the cloud today. Some business models wouldn’t even be possible without it. The cloud has immense value, especially when you’re trying to transform IT while running a business, but it isn’t the answer to everything.