Top 5 Mistakes When Embracing the Cloud

Companies large and small will move significant parts of their operations to the cloud in the next one to two years. However, all is not hunky dory as far as migration of apps is concerned


Top 5 Mistakes When Embracing the Cloud

Personal Cloud: Can It Offer More Than Public Cloud?


Decoding Hybrid Cloud and What it Really Means to an Enterprise

10 Cloud Security Threats


This year, cloud computing is definitely poised to gain importance among enterprises. CIOs are now convinced that when properly implemented, cloud computing can dramatically improve a firm's agility and productivity while cutting infrastructure cost. Companies large and small will move significant parts of their operations to the cloud in the next one to two years. Yet while every organisation wants a piece of the cloud action, not all of them will get the results they desire. Here are the top five mistakes to avoid:

1. Not opting for the right cloud model
Companies moving to the cloud can choose from public clouds, private clouds, community clouds or hybrid clouds.
• Public cloud: This is owned by a cloud provider and made available to the general public on a multi-tenant, pay-as-you-use basis.
• Private cloud: This is owned and deployed by an organization for internal use as a single tenant.
• Community cloud: This is cooperatively shared by a set of tenants, often from the same industry.
• Hybrid cloud: This spans the cloud deployment models listed above, enabling applications and data to move easily from one cloud to the other.

Each type of cloud deployment offers its advantages. The factors to consider before adoption are the business criticality of the applications the firm wants to move to the cloud, regulatory issues, necessary service levels, usage patterns for the workloads and how integrated the application must be with other enterprise functions.

2. Not integrating cloud security into your corporate security policy
Your cloud security and corporate security policies must be integrated. Instead of creating a new security policy for the cloud, however, extend your existing security policies to accommodate this additional platform. To modify your policies for cloud, you need to consider similar factors: where the data is stored, how the data is protected, who has access to the data, compliance with regulations, and service level agreements.
When properly done, adoption of cloud computing can be an opportunity to improve your security policies and overall security posture.

3. Counting on the security of your cloud-based service provider
Do not assume that your data is automatically secure just because you use a service provider. You need to do a comprehensive review of the provider's security technology and processes, and check how they secure your data and their infrastructure. Specifically, you should look into the following:
• Application and data transportability: Does your provider allow you to export existing applications, data and processes into the cloud? Can you import these back just as easily?
• Data centre physical security: How does the service provider protect its physical data centres? Are they using SAS 70 Type II data centres, and how well trained and skilled are their data centre operators?
• Access and operations security: How does your provider control access to physical machines? Who is able to access these machines, and how are the machines managed?
• Virtual data centre security: Cloud architecture is key to efficiency. Find out how the individual pieces like the compute nodes, network nodes and storage nodes are architected, and how they are integrated and secured.
• Application and data security: To implement your policies, the cloud solution must enable you to define groups, roles with granular role-based access control, proper password policies and data encryption (in transit and at rest).


Previous 1
  • Follow PCQuest on
  • become a fan on
  • Stay updated via
  • RSS


Notify me of follow-up comments via e-mail address

Post Comment

Jeff 9 April 2014 at 01:45 AM Reply

I completely agree with #3. It's just not a smart thing to do. Look at Dropbox for example. All these scares of being hacked, all these downtimes because of server failures, how can you rely on that? Definitely need to take security into your own hands, and it's nice to pick a service that allows client-side security. The one I use, drivehq, has that security. If I recall from my companies cloud search, egnyte does too. Definitely lots of options out there for security, just gotta make sure you take care of it yourself and that you do your research and pick a reliable service.


Survey Box

Now that Microsoft has finally discontinued support for Windows XP, which OS are you likely to upgrade to?

Send this article by email