A move to the cloud is on a lot of organizations’ agendas. In fact, 69 percent of organizations are planning a move to the cloud in the next 12 months, according to a recent survey, which also found that 67 percent of organizations migrating data experienced some form of outage or disruption.
But outages and disruptions don't have to happen. By using these tips, courtesy of the survey by security firm Algosec, organizations can make the transition smoothly.
1. Understand that application connectivity is tied to firewall rules.
Nearly one-third of the 240 IT professionals who responded to the aforementioned survey were responsible for more than 100 critical applications in their data center. About 20 percent of those who responded had more than 200 critical applications. The great number of critical data center applications ties into network security and connectivity, a consideration that should be taken into account when migrating.
2. Remove access rules when applications are decommissioned.
As organizations evolve and applications are decommissioned, the access rules for those applications should also be removed for simplicity’s sake. Firewall rules can already be very complex, so the removal of unneeded controls will be helpful.
3. Identify risks from the business perspective.
Most respondents were more interested in understanding risk in terms of their business applications, rather than by looking a network segments or devices. One way to achieve a business-oriented perspective is to integrate security policy management with vulnerability scanners, which will allow the organization to view risk by application, rather than according to some obscure metric.
4. Beware of Shadow IT.
Public clouds can present a threat known as “Shadow IT.” Business owners can quickly and easily spin up services without properly communicating their actions to the IT department. This can create huge security risks, but close inter-agency communication can ensure the migration to the cloud is a well thought out process.
5. Reduce complexity that is inherent in the security change process.
A modern data center can be full of hundreds or thousands of rules with interdependencies and configurations spread across hundreds of devices. Reducing complexity is an orgizational goal that can help an organization reduce the time it takes to implement new services. A quarter of survey respondents reported that it takes more than 11 weeks to launch a new application.