Change is something that people always resist. Moving your applications to the cloud is no different.
Cloud migration brings a lot of change and disruption often with significantly new systems, processes and even leadership.
At W.Media’s digital event ‘South Asia Cloud Security Market Insights’, these were discussed in detail by a panel moderated by Mubin Shaikh, Partner & Leader, Cyber Security, BDO in India. The panellists included Mansi Thapar, Global Head- Information Security, DPO, Jaquar Group. Tirthankar Dutta, VP & CISO- Star & Disney India, The Walt Disney Company. Shaik J Ahmed, GM & Head- Information Security, Renault Nissan, Technology Business Center India and Parag Deodhar, Director- Information Security- APAC, VF Corporation.
“A lot of resistance is coming in organisations for moving their core applications to cloud. Things are now changing and because of the COVID-19 pandemic, organisations are understanding the importance of cloud. Still, there are risks involved. Earlier, to migrate to cloud the resilience structure was there and there was a fault-tolerant server so there wasn’t a problem.
But now while migrating to cloud, the application will first need to be shifted to a web-based application. There has to be in-built resilience. Understanding the cloud is an issue, as there is also a shortage of skills. There is still a lack of talent in the area of cloud which leads to some resistance.
The third issue is data, the data is not being shared with anyone else so now organisations concern is focused on how the integrity of data is being safeguarded. “With proper security control and policies the process of migration can be an easy journey,” said Mansi Thapar, Global Head- Information Security, DPO, Jaquar Group.
Resistance for moving critical apps
Organisations wish to migrate to cloud but when it comes to their critical applications there is some resistance, pointed out Mubin Shaikh, Partner & Leader, Cyber Security, BDO in India.
“Every time when we do anything related to cloud engagement, we first do a risk assessment. We need to understand what kind of data is hosted by a particular asset. The classification of the data will tell you the classification of the asset. We try to understand what data is hosted on a particular asset and why we need to migrate to cloud,” said Tirthankar Dutta, VP & CISO- Star & Disney India, The Walt Disney Company.
“There is always something called cost-benefit analysis, we can have more and more cloud adoption. It is also important to decide if everything has to be moved to cloud as there are different costs associated with it. For example, the traditional anti-virus running for a data centre will not work for cloud, an additional cost needs to be added in this area.
If I decide to move something to cloud there also has to be a firewall, anti-virus and other aspects will cost money. When the cost is calculated, the security cost is also attached to it. The organisations should be aware of the additional costs that they might have to spend, the compliance level should not reduce,” added Dutta.
Mubin Shaikh further pointed out that when the migration is budgeted organisations sometimes don’t think about the security costs they only focus on the functionality costs which is one of the key challenges of migration to cloud computing.
“When the automobile industry is moving to cloud they need to adapt a CSA (Cloud Security Alliance) framework and WPC (Wireless Planning & Coordination) is more on the forefront of connected tech. The CPA (Certified Public Accountant) certification is important for data migration. These are some of the certifications which are important when the automotive industry is migrating to cloud,” said Shaik J Ahmed, GM & Head- Information Security, Renault Nissan, Technology Business Center India.