READY. STEADY. CLOUD.
The pace of application modernisation is at an all-time high as organisations continue to strive toward their digital transformation goals
During the last few years, we’ve seen a remarkable increase in the adoption of cloud computing
The term ‘cloud’ can be confusing to some, when we say we’re on a journey to cloud – what do we actually mean? Is adopting a SaaS-based productivity suite like Office 365 or Salesforce really cloud? If we deploy our workloads onto another provider’s platform or into their datacentre, are we deploying to the cloud? What about the adoption of container-based technologies and orchestration platforms on-premises, is that considered cloud? Essentially, yes! Although this is quickly becoming an area of hot debate within the industry, in each of these cases we’re talking about some form of cloud computing. Each have their own nuances and offer the promise of cloud in slightly different ways, but the ultimate journey to cloud is more about the desired benefits rather than the destination. So, the approach need not necessarily be the same for all and our goals will almost certainly be different.
It’s incredibly easy to start your journey to the cloud – with public cloud providers all you need is an email address and a credit card, you’ll have your workloads running in no time at all; with containers a quick download of Docker or Podman and a command-line instruction or two and you’ve got running applications within minutes.
I like to envision the journey to cloud as a staircase, super-easy to take the first few steps off the ground, however, as we climb higher the journey becomes more arduous, and we’re inevitably left searching for that guard-rail to provide assistance and security... In cloud computing terms, that guard-rail can simply be thought of as architectural and security best practices.
As an industry we’re seeing large-scale improvement of security across the cloud providers and within the cloud-native product space. However, many areas are still simply lacking standards based alignment and its often a case of one cloud provider implementing security that only works within their platform and on their own products; but organisations today are not restricting themselves to a single cloud provider, nor should they. 98% of organisations are in the process of adopting hybrid multi-cloud architectures
If the goal of DevOps was to remove the bottlenecks in the software development process, which I believe has for the most part been achieved, then the goal of DevSecOps is to remove the bottlenecks in the cybersecurity process to ensure that business can still extract rapid results without compromising on security
领英推荐
DevSecOps is often used to describe two distinct approaches to securing the software supply chain
Securing the cloud construct whether it’s the hyper-scale public providers, community and commodity clouds, private cloud, or even cloud-native platforms on premise, all rely on the same 4 basic principles:
DevSecOps is an inclusive approach to security control with a primary focus on cloud and cloud-native, and is being embraced by organisations large and small who build their own software or, simply deploy and configure commercial or open-source products, it’s the future of security for Dev and Ops teams and an amazing empowerer to traditional Security and SecOps teams.
When you’re ready to start your journey to Secure Cloud, we at Help AG, an e& enterprise company have a team of experts as well as the right solutions to empower you on your journey to Secure Cloud