Current Cloud considerations

Which key aspects should organisations be considering right now in relation to their cloud platforms?

/ IT Consultancy
March 14th, 2022

current Cloud considerations 1


QuoStar’s Robert Rutherford sheds some light on which key Cloud considerations organisations should be looking at regarding their cloud platforms. 


The pace of change is obviously fast right now, and organisations need to ensure that they have built in flexibility in their environments, allowing them scale up and out of the environment with ease. That sounds simple enough right?


Cloud considerations: #1. The ability to scale-out is critical

The ability to scale-out is particularly relevant now, as there is widespread focus on infrastructure, system rationalisation and simplification. This is going to be essential to facilitate and support various ‘digital transformation’ projects. You can only move quickly and take advantage of opportunities – and outpace threats – when the base platform/infrastructure is simple. And importantly, you aren’t locking up valuable capital or getting locked into restrictive contracts.

Cloud considerations: #2. As the saying goes – don’t put all your eggs in one basket!

Many cloud buyers believe that it’s necessary put all your ‘eggs into one basket’ in relation to cloud. They will also be sold that by many of the cloud providers, simply focused on what they are trying to sell – or simply what they know.

In the current landscape, some form of hybrid public-private cloud infrastructure will deliver the best value and balance between performance, flexibility, security, and cost. With this in focus, we are seeing a rapid rise in multi-cloud management and monitoring solutions.

Licensing is an ever-changing beast that needs to be watched, almost continually. Compliance is an issue, in terms of ensuring your licensing is correct, thus your billing too. Also, the software houses continually change their license model, and their product bundles – just take Microsoft as one example. If you don’t keep up with the changes then you can miss out on significant cost savings, functionality improvements and security enhancements.

Cloud considerations: #3. Reviewing business continuity is more important than ever.

It’s important to review business continuity now. Many organisations haven’t really given business continuity much focus since the pandemic started. The risks of significant system outage or a complete cloud outage is a reality, especially with the rampant rise of the cybercrime industry, and now the real risk of widespread state sponsored attacks. Even if an organisation itself feels secure and doesn’t have availability concerns, they should still be doing their due diligence across their supply chain.

Cloud considerations: #4. The threat landscape is getting larger

As we know ransomware is a huge threat to the corporate network. However, a big threat to cloud platform is the rise of DDoS ransom attacks – which are rising. Organisations should be evaluating their supply chain’s protection from DDoS attacks as well as their own. DDoS is easy to do and it’s a growing exponentially as it moves from a protest type attack into a revenue generating one.

The general ramp up of the cybercrime industry means that organisations of all sizes should be overlaying security governance onto their cloud partners. Many IT and business leaders believe that as they outsource their infrastructure or service, they are outsourcing accountability for risk, and its management. However, you can’t outsource ultimate accountability for risk to a third party, it won’t wash with clients or regulators if there is a breach. Businesses must be verifying the security governance within their supply chain and also testing it where appropriate.

Cloud considerations: #5. Continuous verification of all users is a must.

In terms of specific focus on technologies and trends, Zero Trust Network Access solutions should be assessed and generally deployed to protect the disparate work force and the cloud platforms and applications. There is a real need for continuous verification of all users, and their devices as they access corporate data and applications as required. Implementing zero-trust access includes requiring strong authentication capabilities, powerful network access control tools, and pervasive application access policies.

Of course, as well as implementing various security controls, it’s critical to also join up the monitoring and reporting, which is why SIEM (Security Information and Event Management) is becoming more and more critical.

“It’s all very well putting up security cameras (the controls) but you still have to monitor them (SIEM) and also respond (Security Operations Centre).” – Robert Rutherford, QuoStar CEO


For more support, get in touch with one of our Cloud specialists today here.