In the early days of the cloud, all kinds of organizations, including manufacturers, were reluctant to deploy cloud apps due to the belief that cloud apps had weak information security. Companies preferred the familiarity and comfort of running their own data centers, including managing their own on-premise security, particularly for mission-critical applications like ERP that manage “source of truth” and sensitive data.
This old “cloud is insecure” viewpoint is shifting dramatically towards “move to cloud to better ensure excellent information security” and will become the dominant viewpoint in 2018. What happened? Three forces have collided to accelerate this shift in attitude, including:
- Unless you are a hacker, 2017 was a terrible year for information security. Companies and governments of all sizes, shapes and locales were breached. Plants, service centers and supply chains were slowed down if not temporarily shut down as a result, and some companies even reduced earnings due to compromised security. More than a hundred million customers had records exposed by a leading credit information company, who now tries to reverse its curse by offering a search of your email address on the dark web for free — what are they thinking? There was a constant stream of bad news on the information security front. Many companies were and continue to not be prepared to put up strong defenses and remediate quickly and effectively.
- The cost of keeping up with the ever-evolving world of hacking is become prohibitive for many companies. There is a shortage of information security expertise, so the cost of hiring and retaining InfoSec professionals continuously rises. Companies increasingly need to perform penetration testing, operate sharp threat response teams and stay on top of patching. Shaky geopolitics and changes in global sociopolitical influence suggest excellent reasons to be paranoid about 2018 and beyond. Security flaws in chip, which has become public knowledge at the beginning of 2018, contributes to ongoing fears.
- Cloud providers, well-aware of the perception of security shortcomings, have been constantly making investments for the past many years in improving their security tools, processes and practices. In addition, providing secure cloud services is core to their business. Of course, not all cloud providers are equal on this front, but the fact that cloud providers can spread the necessary costs to provide excellent security across customers puts the cloud increasingly ahead of on-premise for those worried about keeping up with security.
Cloud, therefore, becomes a relatively safe haven at a relatively low cost. Manufacturers, however, face some specific challenges in the security space, including interest in their IP from unfriendly sources and the rising distribution of data sources associated with the Internet of Things. Ask a manufacturer, “Do you think the Internet of Things, as it applies to your supply chain, is secure?” Expect eyes to roll and brows to furrow. More and more, however, manufacturers will view cloud as a means to improve security for computing inside their virtual four walls; it is a start.
Evan Quinn is a principal marketing director at QAD.