Businesses today rely on innovation more than ever to drive growth and stay ahead of competitors. For some organisations this is putting developers of business-enabling applications like CRMs under great pressure from the business leaders to shorten time-to-market through fast development, agile iterations and frequent deployments.
Quicker development cycles however rely not only on agile development teams but also on IT to provide the infrastructure including servers, storage, networks, availability and security. The issue is that business processes to provide this infrastructure often slow down delivery of new applications and services. The security teams in particular can slow down the passage of an application because they are worried about giving access to their network.
In recent years, the cloud has emerged as a compelling alternative to traditional, on-premise IT. It offers a multitude of benefits – including reducing total cost of ownership and shifting capex to opex. For a relatively small operating expense, the development team can get instant access to servers, storage, development frameworks and security.This approach has an immediate value for business as it accelerates the time-to-market, but it also carries risks as it often bypasses some established business processes.
One of the results of rushing to move IT infrastructure to the cloud, is that cloud-based servers often have looser security standards and controls than internal networks and security zones. Often, the security people aren’t made aware of these servers and when they find out, it is difficult to regain control. If security teams aren’t aware of a cloud-based resource there is unlikely to be a process in place to assure security and compliance.
Undoubtedly Cloud-based IT infrastructures are a move in the right direction for enterprises wanting to compete in fast paced, innovative technology markets. However, there needs be a common understanding within the business of how best to monitor and control the security of the business. All departments must share responsibility for minimising risk to maximise future growth and an investment in automation technology can be a sound way to alleviate some of this pressure.