4 Questions on Cloud Security with Tim Mullahy of Liberty Center One

Migration to the cloud is all the rage in the corporate world, especially as it concerns enterprise digital transformation.  It can imrpove collaboration, coordination, and comprehensiveness for business processes regardless of industry.

But how is cloud security keeping up with rising demands? We asked Tim Mullahy of Liberty Center One, a enterprise-grade data center, 4 questions on the state of cloud security and the Internet of Things (IoT). Here’s our conversation, edited slightly for readability:

1. What, in your opinion, is the current state of cloud security?

It was in a good place. Then we bumbled straight into the Internet of Things. Now I’m not so sure where we are with it in the long-term, but in the short-term it’s not anywhere good.

We’ve finally moved away from the idea that cloud computing is somehow less secure than the traditional way. These days, you can’t turn your head without seeing at least ten Saas apps, or a PaaS platform—some form of cloud infrastructure.

And for the most part, I think that businesses understand the importance of keeping those solutions secure, and being selective in what vendors they work with.

Where things become a lot muddier is with the Internet of Things. Cloud platforms are going to be essential to support IoT devices. I’m not just talking about big data storage and analysis alone, though those are both factors.

At its core, the cloud is what makes the Internet of Things possible—supporting the massive flows of data, huge computing, and considerable processing demands of IoT devices. At the same time, IoT is going to change cloud a great deal, as well, with the advent of edge computing—think the cloud, but with processing at the endpoint rather than at a data center.

Where security becomes a concern is in the fact that most IoT devices are easier to hack than a poorly-guarded email account. Add to that the fact that there will soon be millions of access points, and suddenly the number of ways someone might compromise devices, networks, or clouds have increased exponentially.

2. What are the three developments that will change cloud security?

I have already mentioned edge computing. Shifting the processing load to edge devices rather than centralized devices will bring with it a cornucopia of new security challenges. The other trends are also closely tied into the Internet of Things – everything is.

Increased connectivity and reach for the cloud through the development of 5G networks will both improve the quality of cloud services available and make the cloud a more attractive target for cyberattacks, state-sponsored and otherwise. As demand for cloud services increases, this is inevitable – as is the increased use of the cloud by cybercriminals.

Finally, organizations such as the Cloud Security Alliance are working tirelessly to improve regulation and create standards around cloud security. Their current target is the Enterprise Resource Planning App – they recently released a paper detailing the issues with ERP security, the end result of which will likely be a better, more robust set of standards.

3. Of these developments, which one do you think is the most significant?

The move towards a more standards-driven approach to cloud security. Criminals are going to start targeting and undermining cloud infrastructure, and the increased threat surface will make it easier than ever for them to do so. Until businesses start following set guidelines in protecting their clouds, that’s going to be an enduring problem.

4. How will these developments change enterprise migration to the cloud? How should enterprises incorporate these changes into their digital transformation plans?

As a whole, I expect that they’ll make migration to the cloud easier. Better connectivity and improved security standards mean less risk in cloud adoption, but the problems of IoT and cloud-targeted cyberattacks are still a significant roadblock. To surmount these challenges, I would recommend simply remaining cognizant of the risks involved in IoT – and ensuring there are processes in place for defending against IoT-based attacks.

Thanks again to Tim Mullahy for his time and expertise!