Security and Control: The Fundamental Challenges of Cloud Migration
Enterprise IT professionals continue to face file server migration challenges primarily driven by a fundamental lack of support for security and control. It isn’t that cloud storage services are oblivious to these concerns. On the contrary, many have implemented their own mechanisms to secure data. But are enterprises willing to accept these new models – even in the face of accelerating cloud migration pressure? Can they become comfortable entrusting critical, corporate data to faceless third parties? Can they afford to redesign and re-implement existing security practices and administrative procedures?
Unfortunately, the answers seem to lean towards the negative. When faced with the costs of upgrading existing infrastructure or increasing workforce productivity needs, business executives may explore cloud adoption as a modern reflex. But, since they typically operate in a Windows environment, using Active Directory for authentication to Windows file servers with NTFS based access controls, the aforementioned assumptions are frequently and easily thwarted by questions like these:
- Does the cloud service integrate with Active Directory, or does it have its own security?
- Can I expect the same level of security controls on files and folders, or should I expect to rethink and redesign existing access controls?
- How much user training will be required? How will the cloud service work from a user’s perspective? They are used to mapped drives. Will it be the same?
The questions may vary, but the theme remains the same: “Can we replicate the existing environment to the cloud, while maintaining user experience and admin controls, or will we have to make significant changes to the experience, thought processes and procedures for users and administrators?” The assumed absence of adequate answers for these questions (by those who may not be aware of products likeCentreStack) has created cloud adoption friction for enterprises. On the other hand, so much cloud migration pressure exists, that many choose to ignore their doubts. And who can blame them?
A recent survey asked more than 1,000 IT professionals about their use of public cloud services. Of these respondents:
- 57% use Amazon Web Services
- 34% use Microsoft Azure
- 15% use Google
- 8% use IBM
- 3% use Oracle
Dropbox, probably the most well-known consumer-oriented service, recently reported over 500 million users, and has become so massive that they’re building their own private file sharing network. They have become successful enough that building their own internet makes sense.
It’s no wonder then that workers have come to expect a certain level of productivity in the workplace. In fact, 80% of them admit to using some type of SaaS application, usually without the approval of their IT department, according to a recent survey by Stratecast. Considering the increasing deadline pressures, budgetary constraints, and workloads they face, it’s no surprise that they use any means necessary to get the job done. The risk of getting fired for causing data leakage, or some other security problem is far less ominous than the certainty of getting fired if you can’t get the job done.
So, what’s taking so long? Why haven’t more file servers already been moved to the cloud?
Is it a question of bandwidth and network performance? Perhaps. Moving file server data to the cloud can certainly be cumbersome given the wide gap between data transfer rates on local area networks, and the bandwidth available from data center operators for file transfers to endpoints. This creates a preference for working with on-premise data. But speed isn’t the only issue.
As indicated by the questions outlined above, a file server is more than its hardware and data. The ability to validate who is requesting access to corporate data and what their access permissions should be is critical. In other words, an enterprise’s need for fast, productive access to data is no less important than their need for control and security. And since no one likes repeating a completed task, it’s not enough to provide an easy way to migrate data to the cloud without also migrating permissions and identity management. When you factor in concerns about data ownership, control, and compliance, the drag on adoption becomes even more obvious.
Does this mean that there will always be some file servers that can’t be moved to the cloud? Will enterprises remain stuck with a cloud migration calculus that pits productivity against security and control as a function of data location? A calculus where those who require security, control and compliance are forced to sacrifice productivity with on-premise deployments that are only accessible via VPN, while those who enjoy the productivity and economic benefits of cloud migration must have high tolerances for security, control and compliance risks?
The CentreStack platform was designed to change that calculus by supporting the philosophy that security, control and productivity should not be functions of data location. You shouldn’t be forced to move to the cloud for productivity, or to stay on-premise for security and control. CentreStack has the flexibility to:
- Create a private cloud with an on-premise file server to create a VPN replacement or simpler alternative to Sharepoint.
- Maintain copies of your data in the cloud and on-premise for business continuity and disaster recovery.
- Move all your data, access controls and identity management to the cloud to get rid of on-premise file servers and their associated expenses.
More importantly, regardless of which deployment model you choose, CentreStack uses the same NTFS permissions, Active Directory integration and other security features to maintain a consistent experience for users and administrators.
To learn more about CentreStack, please visithttp://www.centrestack.com/cloud-file-server