Cloud optimisation: Overcoming the complexities of cloud-based solutions
Cloud computing has become the default option for many organisations – with most CIOs and IT decision makers having a good understanding of what cloud can deliver. As adoption of cloud continues, 451 Research even predicts that more than two thirds of organisations will have a multi-cloud set-up by as soon as 2019. While this is great news for cloud providers, it’s at this point of widespread cloud implementation that many organisations may start to see the ‘cracks’ appearing.
Whether it’s a cloud outage, poor performance of applications not built for cloud, or differing levels of service from vendors with individual SLAs, a cloud environment has many moving parts to track. Compounding the issue is the democratisation of technology that cloud has wrought. This has made the lives of those in the IT department much more complicated – a case of ‘more cloud, more problems’; it can be surprisingly easy for cloud costs to spiral out of control. Now, as many have moved past the initial question of whether to adopt cloud, it is cloud optimisation that has become the watchword.
Growing complexity adds to confusion
Cloud optimisation means reducing cloud expenditure and improving cloud performance, whilst ensuring a secure IT environment is maintained. It is not necessarily an easily-achievable feat for many enterprises. This is because digitalisation has changed the way that we work, think and live; cloud computing, with all the benefits it delivers, has also added a whole new layer of complexity to enterprise IT. Take, for instance, the willingness of today’s employees to ‘go rogue’ when it comes to cloud. Though their intentions are good – the majority just want to use the cloud services they like best – the ease with which applications can be downloaded and paid for means unmanaged proliferation of potentially risky services is a clear worry.
Secondly, by using multiple clouds from different vendors, each with their own SLA, many organisations have unwittingly relinquished control over their infrastructure – as a result, performance can suffer. Cloud sprawl, the issue of potentially dangerous applications allowing malware to roam the network, storage of sensitive documents in an unsecure public service – these are just some of the risks of unchecked cloud growth. Not to mention, of course, the hidden costs that soon mount up. These factors have implications for ongoing costs, but also for the safety of organisations’ data. Organisations need to be able to strike the right balance between enabling the workforce while ensuring costs and data security are controlled.
Consolidate and close the loopholes
To combat these issues (cost overrun, malware, potential data leakage, etc.) and ensure their cloud is running at peak efficiency, CIOs must be able to gain an holistic view of their entire cloud infrastructure, with continual monitoring. Deep, real-time visibility into what software and applications are being procured, with control over where software is deployed, is essential. To achieve this depth of understanding, organisations need an overarching layer of control that can deliver this intelligence to a central location. For most organisations, this will require skills and resources that they lack in-house; it’s hardly surprising that IDC expects the cloud services market to grow to $62.8bn in 2021 (a CAGR of 18%).
Once the CIO has the full picture, they can start to make more informed decisions to manage and optimise their cloud environment; for example, ensuring more closely-controlled cloud purchasing through closing loopholes in governance. This could take the form of an approved application whitelist – so the potential for downloading malware or viruses is minimised when employees wish to purchase a new application. Armed with organisation-wide intelligence into how cloud is being used, CIOs can consolidate applications and achieve cost-savings by ensuring cloud services are procured centrally. This is particularly important to minimise the all-too-often unplanned spend that cloud can result in.
Eliminating ‘bill shock’ and futureproofing
When speaking of unplanned cloud spend, one of the most notable factors is how quickly consumption can seem to spiral, resulting in an unexpectedly large bill from a vendor. As such, an important aspect of cloud optimisation is being able to proactively manage and predict cloud consumption; this again relies on having real-time visibility across the entire business infrastructure. Predictability of costs, and reducing the chances of ‘bill shock’, is significant for CIOs because typically they must allocate fixed budgets on a yearly, or quarterly basis. Being able to accurately forecast expenses up-front helps CIOs to justify spend to the boardroom, and to build a case for planned spend on infrastructure.
Ultimately, though the ease with which cloud can be adopted is a huge benefit, management of it shouldn’t stop at adoption. While in the on-premise world, it was relatively easy for organisations to keep track of the software being used, where, and by whom, cloud has turned this model on its head. Structured, controlled purchasing, and comprehensive management and reporting, will help CIOs to ensure that their cloud journey is one that delivers real value back to the business. The nature of cloud means relinquishing control can be all-too-easily done. For CIOs to really get the best of cloud, now is the time to optimise.
Richard Best, General Manager, COMPAREX UK
Ivanti Acquires RiskSense to Combat Cyber Attacks
Ivanti, an IT asset and service management software solutions provider, has acquired RiskSense, a company that works in risk-based vulnerability management and prioritisation, to drive the next evolution of patch management.
This combination of the two companies will enable organisations to ‘shrink their attack surface, prioritise vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management’. The terms of the RiskSense transaction were not disclosed.
“Over the past two years, cyberattacks such as ransomware have crossed the line from being a nuisance to truly disrupting society,” said Srinivas Mukkamala, CEO of RiskSense. “And unpatched vulnerabilities remain one of the common points of infiltration into organisations’ ecosystems. I’m committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritisation and automated patch intelligence can help organisations reduce their exposure and make a major impact in global cyberspace. Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks.”
Providing IT teams with the tools to tackle cyber issues
Solutions from the combined companies are expected to reduce the meantime to detect, discover, remediate, and respond to cyber threats, particularly critical vulnerabilities linked to or associated with ransomware. Together, Ivanti and RiskSense will provide security and IT teams with context and adaptive intelligence regarding what their organisation’s exposures are to vulnerabilities that are being actively exploited, including whether those vulnerabilities are tied to ransomware, and then enable them to quickly remediate those threats.
Ivanti has already integrated the RiskSense Vulnerability Intelligence and Vulnerability Risk Rating, which prioritises and quantifies adversarial risk based on factors such as threat intelligence, in-the-wild exploit trends, and security analyst validation, into Ivanti Neurons for Patch Intelligence.
“This combination will allow us to provide our customers with a holistic view of vulnerabilities and exposures, and then enable them to take fast action through Ivanti Neurons for Patch Intelligence. Customers will be able to greatly reduce their attack surface and risk of breach because of the vulnerability intelligence and the resulting remediation prioritisation based on actively trending exploits and ransomware attacks,” said Jim Schaper, Ivanti Chairman and CEO.