As manufacturers move to multi-cloud environments, there are IT concerns that must be addressed to maintain ideal security and visibility.
June 6, 2019
By Jeff Budge, VP of Advisory Consulting, OneNeck IT Solutions
No matter the industry, the multi-cloud world has become a reality. There are many advantages to this transformation, including efficiency and increased connectivity with business partners, vendors and customers. Yet, there are also challenges emerging as organizations migrate from primarily on-premises or privately hosted cloud solutions into multi-cloud environments leveraging a mix of hyperscale public cloud, on-premises and private cloud.
Chief among those concerns for manufacturers are cybersecurity and data visibility challenges. The IT infrastructure and execution venues for many manufacturers have already evolved from the comfort and control of on-premises data centers to contractual agreements with private cloud service providers. Now one often sees a mix of private and public cloud solutions, something commonly called a multi-cloud environment. But, as organizations leverage the public cloud, many are losing that sense of control and visibility they had when they knew exactly where their data, workloads and applications lived and could dictate the details of the security perimeter.
Cloud sprawl and rogue IT are two difficulties many technology leaders are trying to remedy. Many non-IT departments have chosen their own cloud solutions. The sales and marketing departments may use solutions for managing campaigns and customer relations. Human resources may use other solutions for talent acquisition and management. These departments often lack a comprehensive perspective on security, data management or obligations that protect the company.
Now, IT departments are being asked to manage all of these environments, regardless of where or how the cloud use was initiated, and to make sure everything is secure. Before tackling this issue, IT leaders in manufacturing would be wise to hit the pause button and take a good look at the policies, procedures and guidelines being developed and deployed in order to achieve the same visibility and protection of their applications and data that came with the old way of operating. It’s a serious discussion that must take place.
When the shift to public cloud started taking place in manufacturing, it was primarily used in experimental or non-mission critical environments. We’ve since moved out of that experimental stage into the accepted reality of the hyperscale public cloud being a viable place for production. However, not all companies have experienced the important mind shift concerning security in this multi-cloud environment. The IT department must adapt existing or define new policies and procedures for multi-cloud, including scrutinizing:
- Who has access to data and applications?
- What are the right cybersecurity guidelines?
- How will records management and data destruction be handled?
Multi-cloud environments are quickly becoming complex. IT departments are trying to manage a variety of vendors, but often lack sufficient in-house talent to do so. Still, someone needs to prioritize the task of taking existing polices and procedures and updating them for new architectures and technologies. While large manufacturers may have talent and capacity to do this, many mid-sized companies do not.
The right IT solutions partner or consultant can offload these tasks from internal IT, allowing those employees to focus on more strategic projects. The stakes are high. Cybersecurity breaches directly impact production, causing millions of dollars in losses, and the theft of intellectual property can have devastating effects. There is also regulatory compliance to consider. Many organizations are required to take proper steps to protect the privacy of customer information. Others must safeguard things such as healthcare data, government data and even food safety data.
Finally, there’s the issue of cost. Although the need for updated solutions is clear, IT budgets have not been increasing. Yet, the risk of failing to address IT visibility and security challenges could easily cut into the bottom line.
The good news is, while technological change is inevitable, it may only take a few months to assess a manufacturer’s current multi-cloud environment and make improvements. The best and often fastest way to accomplish this is to identify a partner that can help an organization catch up and get set up for self-sufficiency in the future.
Jeff Budge leads the advisory consulting team and contributes to the company’s strategy and direction. He has nearly 30 years of experience in management and advisory consulting, IT architecture, product management and enterprise business applications and technologies.