Rajesh Awasthi, Vice President & Global Head of Managed Hosting and Cloud Services, Tata Communications speaks with DynamicCISO.com on why cloud-native architecture will become mainstream for app modernization and how the company is making efforts to protect enterprise cloud environments. Excerpts:
Q. The shift to the cloud model has been one of the most significant tech trends over the past couple of years. Even regulated industries have made progress in adopting cloud models. How do you see the cloud trend over the next couple of years?
Over the last couple of years, we have seen cloud adoption accelerating across almost every sector. The reason for this adoption was to gain business agility and efficiency in uncertain times.
Moving forward cloud-native architecture will become mainstream for app modernization. Companies will look at players who are in a position to help them transition from a monolithic 2 or 3-tier architecture to a microservices-based architecture. We have already seen e-commerce companies reaping the benefits of moving in this direction.
Containers and Kubernetes services have changed the multi-cloud scenario by bringing not just interoperability but a uniform and consistent approach to deploying and managing workloads in the cloud. Kubernetes is already a reality in eliminating vendor lock-in and enabling cloud portability with the choice of offerings on the different clouds.
Another advantage of the cloud has been in providing businesses with insights. Here data will become the prime driver for cloud adoption. The critical data analytics facilitated through a comprehensive cloud platform can drive business innovation along with agility and scalability.
There are cases where companies want to process the data where it is generated. So, we see cloud and edge computing go together. Using cloud and edge computing at the same time can lead to the best overall outcome from a performance perspective.
We recently stepped up our cloud-native push with our IZO Cloud Platform for Kubernetes Solutions. Some of the primary use cases for a business-ready Kubernetes platform include function as a service, DevOps as a service, and analytics with distributed computing, among others.
Q. Cloud-based services have become central to most organizations’ digital transformation journey. However, protecting systems, applications, and data in the cloud presents a new set of challenges for organizations to overcome. What according to you are the key concerns in securing the cloud environment and how are they being addressed?
Most enterprises today place security as a top priority and enabler, regardless of whether their business goals are to grow and transform or increase the agility and quality of service delivery of their organizations.
Having said this, cyber threats are growing and they are becoming smarter by the day.
In my view, cloud providers today deliver the highest possible level of security for their customers. Cloud operators comply with the regulatory mandates, frameworks, and laws of the countries in which they operate. They also meet the highest standards, including independent, internationally-recognized certifications and audits of security people, processes, and technologies through a range of rigorous programs. Most organizations do not have the time, resources, or budget to meet this level of security assurance.
Having a cloud security posture management solution is another way for any company to secure its cloud estate and keep data secure. Such tools can be used to identify unused assets, map how security teams work, who has access, verify the integrity of a recently deployed system, and identify what technologies are most used.
Q. We are in a multi-cloud era where organizations work with multiple cloud providers. Now each of these providers have their own version of “a shared responsibility model.” Who takes ownership in case of a security incident? This lack of clarity – in terms of the responsibility of who owns what – can also bring with it a risk of misconfigurations, software vulnerabilities, human errors, etc. How does one address this concern?
There needs to be clarity on the shared responsibility model from both the service provider and the customer. Most cloud providers operate with a shared responsibility model. While the onus is on the cloud operator to protect the infrastructure, it is up to enterprises to be responsible for securing their applications, data, operating systems, access management, and firewalls.
We have created a single pane of management for our customers, which has API-level integration with hyperscalers for orchestration, monitoring as well as management. We call it the TCX platform or cloud command portal for visibility provisioning and management.
Cloud, if not managed well, can see an escalation in costs. This is where FinOps becomes important. Our cloud command portal provides customers with a view to make better decisions about cloud usage and expenditure.
Q. How is Tata Communications enabling enterprises to embrace the cloud in a secure manner?
We have our global service management centre from where we manage our own cloud as well as our customers’ public cloud environment. In addition, we also have a cyber security response centre (CSRC) that focuses on security monitoring and management for our customers. The reason for having these two separate teams is to have a maker-checker process in place. We also offer managed security operations center (SOC) and managed distributed denial of service (DDoS) services for enterprises.