So How Secure Is The Cloud Really?
The Cloud Means Many Things – Not All Clouds Are The Same
If you’re clients are considering a move to the cloud, what should you tell them. I’ve had technology-provider clients steer people away from the cloud. Gartner, The Wall Street Journal, and I agree – people are going to move to the cloud, regardless of what you or I think about security. Telling them “No” is only going to hurt your business. Instead, start thinking of ways to help them make the move in a secure fashion.
The Cloud Is More Secure Then Their Company Network
This idea was underscored in a WSJ article this morning where United States Chief Information Officer Tony Scott offers his opinion. Like keeping your money in the bank, you can’t duplicate bank security at home. He’s talking about cloud offerings like Google, Amazon, and Microsoft, not some fly-by-night could outfit. These companies are under the microscope everyday, facing attacks and audits. If anyone is secure they are. Most businesses are not going to build this themselves anymore than you are going to recreate bank-level security at home.
Note, I am not saying big cloud providers can’t be broken. Read my book The House & The Cloud. Simply put, if it’s connected to the Internet, it can be hacked. Google and their competition will always be under fire, and occasionally we’ll hear of a breach. I am also stating this for the majority of US companies which happen to be small and medium business. Many of the larger financial institutions are doing just as a good a job, or better with security. But as we saw with JP Morgan last year, nothing is impenetrable. On the other hand, healthcare organizations seem to be way behind, both in their understanding of risk vs. compliance, and their ability to put a secure computing infrastructure in place. Most of them should probably just move to the cloud. They’re too far behind to pull it together themselves.
On the small and medium business side, two problems exist that can’t be fixed. First, it’s far too expensive to put in the right security measures – these smaller businesses just can’t afford it. Second, and potentially a larger concern, the small and medium businesses can’t staff people who know what they’re doing when it comes to security. For one thing, they can’t afford these people. But they also can’t keep them. An experienced security engineer is faced with security issues every day. That’s what interests them, and that’s what keeps them up-to-date and growing. Take someone like that and put them in a small business for 6 months, and they’ll be worthless. Meanwhile, the larger cloud companies are constantly in motion, pushing their already talented security people up.
Your Advantage – Your Value Proposition
As a reseller or technology provider you have the same edge if you have an MSSP offering. As long as you have enough clients to keep you busy working on security challenges, you’re people will continue to grow. And the more you do, the better you’ll be. The SMB businesses out there benefit greatly from the centralized offerings you provide.
The One Challenge
The one challenge is education. These companies are going to the cloud to save money, not for better security. While they’re thinking about cloud, and before they make the move, is the best time to insert your expertise. Help them figure out what kind of risk them have. Then help them find the best cloud offering, including security. From there, take on their end-node security challenges, and their front line security detection and response program. Right now is the time to act.
If you’re looking for a better message – consider going through the Security Sales Mastery Program…if you’re a reseller, chances are I can get you a seat sponsored by one of many technology providers you resell. Give us a call to see if you qualify.
© 2015, David Stelzl