The cloud provides a lot of great benefits for companies. While we say it a lot, what does “any device, any where, any time” really mean? Find out what these three phrases mean and the future for the cloud and IT. Keep this in mind as you consider moving to the cloud or what your experience with the cloud has been so far.
Cloud computing has made us question a lot of our traditional infrastructure rules. Think about your policy around Bring Your Own Devices (BYOD). The cloud can provide a consistent and managed desktop, even for those businesses that allow their users to BYOD. Cloud computing means that your full desktop experience is no longer being delivered on your local device; your local device can be treated as nothing more than a screen and keyboard.
We have seen businesses of all types move to the cloud and leverage their lower cost devices like iPads and Android devices as full compute devices now that the compute power can be delivered from the cloud. Not only is the cloud great for compute, but think about compliance as well. Are you concerned with data leakage? In the cloud, you can restrict a users’ ability to save data locally, to devices like USB thumb drives, or even printing company data. The cloud gives you the ability to bring any device you want and prevent your data from leaking outside of your organization.
Because cloud computing takes the emphasis off the end user device, you can now leverage a users’ home computer or even a kiosk computer in a hotel or airport to do your work. Using these “insecure” computers still protects your corporate data because your corporate data is never contained within the “insecure” device. This also means that companies can invest less money in the actual end user devices. Investing in inexpensive laptops, or even thin client devices that do not require an OS or patches. The cloud is also available 24x7 if you want 24x7 access.
The cloud gives you 24x7 access to your compute and data, or you can turn off your compute when it isn’t needed thus saving additional compute costs. Think about that for a minute. When you deploy an on-premises infrastructure, you pay for your hardware up front, even if you only use it for a few hours a day. With the cloud, you only pay for the resources you use, when you want them available. While anytime access is a reality, you can also take your workloads offline after hours if they aren’t going to be used. Not only does this provide a cost savings, but people cannot hack what isn’t available. I would never say turning off your resources is the best security approach, but it can be one of many tools you use to ensure bad actors cannot attack your infrastructure when it is offline.
We expect the relevance of the cloud to continue to grow. Companies that just a few years ago said they would “never” move to the cloud, are now leveraging the cloud for at least some of their needs. As cloud adoption has increased, so have the cloud capabilities such as multi-factor authentication (MFA). MFA increases the security of the logon process from a simple user name and password, to a user name and password and then an additional verification component before the user is granted access to the infrastructure. There are multiple MFA providers, like RSA and even leveraging a cell phone as a second factor of authentication. Imagine that you begin the authentication process by entering your user name and password, then within a few seconds, you receive a text to your cell phone with a validation code. You then must provide this validation code to your computer to validate that you are who you say you are. Now, for an attacker to compromise your infrastructure, the attacker must compromise the user name, password, and then have access to that users’ cell phone before they are able to obtain access to that users’ account.