The human tendencies for short-term thinking and wanting to get things done right away are definitely factors that you need to take into consideration when looking at governing cloud computing adoption. It might seem easier to avoid "IT bureaucracy" and IT's associated frameworks and methods when buying, building, and deploying applications in the cloud. After all, it just takes a credit card to get cloud resources to be up and running. But when individuals or individual departments run into problems with scaling (Cloud providers limit resources purchased by individuals compared to getting enterprise scale purchasing) or needing to tap internal company data, it usually would have been easier and cheaper over the longer term to go with the IT provisioned solution. I have seen this in real life when working with people deploying cloud applications.
Following Jeff Sedayao's reply, always remember that "CLOUD == Someone else's computer". Often overlooked, but a major part of personal comfort and security is really "ownership". How can a "cloud" user's experience retain (or deliver) a real sense of ownership?
Steven Cooke - insightful comment! I have seen this happen in cloud computing when people are uncomfortable to put important and highly confidential in the cloud because they think it is more secure in their own building in their own server. With the proper controls (see https://www.intel.com/content/www/us/en/it-management/intel-it-best-practices/securing-the-cloud-for-enterprise-workloads-the-journey-continues-paper.html), you can put sensitive workloads in the cloud. I have talked to IT people outside of my company who are happy when people move workloads to the clouds, as the Cloud Service providers often have better security teams and services than what is available in a local, on-premises, and organization-owned and maintained data center. It's notable that in the document I pointed out, people are a big part of the task of securing workloads in the cloud.
Jeff Sedayao - Yes, security is relative, and ultimately the OWNER'S responsibility, whether outsourced or insourced. My point is specifically that if you have any concerns about WHO might see your data/reports YOU need to do the "due diligence" of anyone and their systems to whom you will entrust that information.
I think that a good analogy for people is banking. Why do we entrust our liquid assets to a company (or should we)? What safeguards do we expect, and how do we know that they are effective and fully utilized? Certainly, there are many business (and personal) benefits of "Cloud" computing options. But decisions on use must recognize the risks as well. That is part of the "ownership" that I mentioned.
That is to address the initial question - not of security directly, but of how the sense of ownership can be strengthened in the system. That is essential for a "Governance Framework" for any outsourced facet of a company's activities.