Data plays an essential role in the company. It helps to make better decisions. In some cases, it must be available instantly as in trading rooms or at tax closing for example. Data security is also a constant priority for information systems departments (CIOs) who must ensure compliance with current regulations (GDPR) and prevent possible hacking actions. Data can be stored on an internal server (on-premises) or via the cloud thanks to PaaS (Platform as a service) or SaaS (Software as a service). How to choose? Why is the cloud a relevant choice to ensure the accessibility and security of your data?
What’s the point of hosting your data in the cloud?
A study conducted by CITO Research and Commvault among one hundred IT managers indicates that 93% of them have migrated or planned to migrate their companies’ processes to the cloud.
Different challenges can lead companies to host their data on the cloud:
- Security:
It represents a major challenge in the face of the multiplication of the number of data available today. The cloud has several advantages to guarantee the data security that is at the heart of the concerns of CIOs.
Indeed, in the cloud, your environments are supported at scale by benefiting from global and managed infrastructures with significant resources (Microsoft Azure, Google Cloud, AWS …).
This has the consequence of removing a significant burden in terms of data management and in particular their storage since the cloud will allow you, as and when, to eliminate the actions of operations and infrastructures internal to the company to allow you to reorient yourself on your business issues and thus avoid actions with low added value.
- Compliance with regulations:
Regulatory compliance is another important issue for organisations. Your company is required to process personal data. The General Data Protection Regulation or GDPR applies to organizations that need to comply with it. One of the advantages of cloud solutions is that they are part of these compliance topics.
For example, if you deploy your infrastructure on a public cloud (Azure, Google Cloud, AWS, etc.), the cloud provider is responsible for the security of the cloud while you, as a user, are responsible for data processing, security and compliance on this space. Aware of the challenge this represents for companies, cloud providers provide tools designed to make it easier for you to comply.
- Costs:
Cost optimisation is a key issue in the context of a data project. The cloud brings a real added value at this level since it allows you to create ephemeral elements, to get started on new topics thanks to a pay as you go approach which is very useful in a “one shot” data project that will require large computing architectures over a short period of time.
Thanks to the cloud and Azure in particular, you will be able to forecast the cost and budget it while avoiding the massive investment that can represent the use of an on-premises server.
In the context of a data project that includes a large amount of data and can require a lot of calculations, the storage of this data over a long period of time and in a secure way, represents a major axis. The cloud offers the assurance that the data is well preserved, on a regular basis, with a good level of service and support that will make it possible to make the right separation between hot data and cold data.
Data security : a crucial issue
Data security is a crucial issue for companies since its reputation is at stake, as well as its compliance with the data protection regulations in force and its financial security.
The subject of data security has been discussed for several years, but we feel, at Devoteam M Cloud, that customers are increasingly sensitive to it and no longer need to be convinced of its importance since they now wear it themselves.
Customers are, today, particularly sensitive to 3 major axes:
Business availability :
Data is critical to the company’s business. How can we always access this data and all the elements that make it possible to work properly? What about issues around cybersecurity?
According to the Barometer of cybersecurity in companies, 54% of French companies have experienced at least one cyber attack during the year 2021.
Cybersecurity issues revolve, more globally, around :
- The preservation of company data in the face of attacks and how to ensure its permanent availability.
- The answer to malicious problems, whether intentional or accidental (e.g. mishandling, etc.).
- The definition of an approach to deal with disasters (e.g. fire), cases of force majeure, incidents (e.g. deleted database), or material issues.
Compliance and secrecy :
Data being the value of the company, how can we ensure that it is well controlled, inside and outside the organisation?
Thisnecessarily involves the preservation of company secrets, confidential data, any type of espionage. Comply with the regulations as we have seen above and in particular with the GDPR by ensuring that the data is made available to the right people in the organisation, by giving access to certain information only to individuals or services that are entitled to have access to it.
It is therefore necessary to be very vigilant about securing the entire life cycle of the data, by controlling the latter, as well as the consumption of this data, which will bring topics around the authentication of users, the security of devices and files, and therefore secure the entire chain that will consume this dataup to the user.
The location of the data:
When we talk about data security, topics relating to the location of the latter are very often taken into account. This can be linked to standards that require, for example, that the data be hosted in France or in a defined geographical area.
This is a subject that is in line with what we have mentioned around compliance with the regulations, with a particular focus on where your data is located throughout its life cycle (e.g. that the data does not leave the country).
The benefits of hybrid cloud
Cloud tools make it possible to securely store data in large quantities and manage its lifecycle, depending on whether it is hot or cold, on storages that are more or less reactive and more or less expensive.
One of the major challenges for companies is to modernise their application fleet to use all the power of the cloud (PaaS, SaaS, etc.).
One of the recurring topics is the localisation of the data which must sometimes be hosted locally for compliance reasons in particular. This is solved by the hybrid cloud or hybrid cloud approach.
A study conducted by Nutanix in 2021 indicates that 85% of French companies consider hybrid cloud to be the ideal IT model.
Indeed, hybrid cloud makes it possible to work with cloud technologies while hosting data locally, offering the best of both worlds.
More vertically, combining the best of both worlds (cloud and on-premises) is possible thanks to technologies like Azure Stack HCI. The latter makes it possible to combine both the power of the Azure cloud, but on-premises, and therefore to meet security, availability, and compliance constraints, due to the control of the location of the data.
Thus, at Devoteam M Cloud, we see from our customers that if there were, until recently, discussions about moving towards the cloud with fears and questions that could block migration projects because of the change of model, we realize today that the brakes are much less present, that the clients are open to the cloud and that the latter is even becoming the norm. The question that no longer arises is “how to convince internally to go to the cloud? “but rather “how are we going to migrate to the cloud?“. It is with this in mind that the concept of hybrid cloud is involved, which makes it possible to make the connection, to manage this transition and to allow a simpler migration.
Companies are therefore now much less motivated to invest in on-premises infrastructures, they have understood the subject of the cloud and are trying as much as possible to relieve themselves of the responsibilities of operating and maintaining these IT bases in operational conditions.