How safeguarding your cloud stack has become a vital part of the new hybrid working model

By Jesse Stockall, Chief Architect at Snow Software.

As the dust begins to settle a little on the pandemic, people are casting their eyes back to the mad days of Spring 2020 when the first lock-downs were imposed, the rush for PPE started and the struggle to save businesses and jobs began. As we now see, the normal checks and balances on procurement and financial processes were thrown out of the window and a rather large multi-billion bill is the result.

Over in ‘Work from Home-Land’, companies were under immense pressure to keep their businesses going with a workforce that was suddenly forced to work virtually. As in government circles, new systems were put in place in a rush and one of the areas to really suffer was cloud security – not surprising really given the scale and severity of the crisis. The use of cloud computing increased rapidly due to the pandemic and it’s still growing and is estimated to become a $1 trillion global industry by 2024 according to industry analysts IDC.

And as in government circles those ‘best practice’ procedures were side-lined in the race to keep businesses afloat. So here we are two years later, and it’s time for companies to catch up on their security issues. Cybercrime has also reached staggering new levels in the pandemic and now it’s time for IT leaders to understand the layers of their cloud stack and review who has access to it. Unnecessary programs should be removed and service packs and patches brought up to date. In essence, security needs to move right up the agenda.

Chain of dependencies – they’re more important than you thought!

There’s no doubt that hybrid working is the new normal and we are unlikely to go back to the traditional 9-5, at least for a significant amount of the working population. Most people in certain industries are still working from home, at least for part of the week, and most of them use a wide variety of apps and platforms that used together, can make for a great working experience and high productivity.

However, integrating lots of different systems using other people’s services and maybe some open-source components, can represent a threat if all the parts aren’t all security checked. With all of these systems being interdependent, you are only as secure as the weakest link in the chain of vendors and cloud providers

From Zero Trust to a new world of security

Back in 2010, Forrester defined a security protocol called Zero Trust and this framework is built on leveraging network segmentation to prevent and reduce security lapses. Brilliant though it is from a security point of view, it is also quite cumbersome: you may end up with a very safe system but the hoops that your IT staff and users need to jump through may not make it commercially desirable or conducive to productive work practices. Security issues have changed a lot in the last ten years and aside from using the latest technology, it is vital that cloud IT managers are educated on the very latest threats and ways to deal with them. In fact, CIOs have suddenly become much important in the pecking order in many organisations with technology forming the very heart of almost every company.

Education and training is vital to ensure that organisations can cope with the rapidly changing technologies, new architectures and consumption models. Developing and retaining highly skilled people to maintain and safeguard your cloud stack is an increasingly important part of the whole IT security world.

Balancing risk with productivity

In essence, IT leaders and their cloud IT teams, need to constantly assess security risks and at the same time balance the computing needs of their staff. Keeping data as safe as possible is essential, but so is keeping the business successful. Learning how to manage your technology assets and keeping the interface to the user as straightforward as possible is a big challenge for todays CIOs. The multitude of systems that companies use are there to make working life, both in and out of the office, as easy and productive as possible. With the right combination of technology tools, processes, and people, it is possible to provide a safe environment for your company to thrive in this new era of cloud computing.


By Adrian Bradley, Head of Cloud Transformation, KPMG
By Ashish Arora – Vice President (UK, Ireland & BeNeLux) at HCL Technologies
By Jason Gregson, Head of AWS Programs and Operations, DoiT International
By Andrew Weaver, Lead Specialist Solutions Architect, Databricks
Cloud computing gets headlines every day, with predictions about the percent of workloads moving to large public cloud providers. While there is some momentum in the IT industry to move to public cloud environments, this choice is not automatic. Several decisions must be looked at closely before moving critical workloads to a public cloud provider. Different computing environments serve different needs of IT organisations, and one environment is not ideal for every enterprise.
By Alex Roditis & James Arias, Co-founders of Weaver Labs