Finding Business Value in the Cloud Part II: Security and Sustainability
Data Society specializes in providing industry-tailored data training programs and AI/ML solutions that enable Fortune 500 companies and government agencies to educate, equip, and empower their workforces. Since 2014, the company has trained thousands of professionals with the skills needed to solve complex challenges, realize new opportunities, and take their careers to the next level. Data Society was recognized as an Inc. 5000 2021 and 2022 fastest- growing company and named a top EdTech Company to watch by Forbes. For more information, visit www.DataSociety.com.
Steering an enterprise into the cloud calls for thoughtful consideration of the challenges ahead and a clear understanding of the destination. In the first part of this series about unlocking the cloud’s business value, we outlined some of the preliminary decisions an organization faces when considering a move to the cloud, and we looked at a few resources for controlling costs and capturing value through cloud-enabled innovation. Here, we will dive into questions many companies have about security and sustainability in the cloud.
As your organization weighs the pros and cons of cloud adoption, you might be concerned about relinquishing control over critical organizational assets and responsibilities to cloud providers. To some degree, particularly in the public cloud, this is an accurate assessment. Depending on the cloud services your organization uses, the maintenance and security of resources ranging from IT systems to data will no longer be strictly in your organization’s hands. As a conscientious organization, turning over the reins in these areas might prompt you to ask questions such as:
How can my organization manage data security and compliance in the cloud?
Companies evaluating cloud adoption often have reasonable concerns about data security in the cloud. This is especially true in industries that handle sensitive personal data, such as health care and financial services.
These concerns are not without merit, as data on the public cloud can be vulnerable. However, it is heartening to note that the top public cloud providers are especially well-equipped to safeguard data. Cloud computing providers protect data with advanced systems to secure environments, and they maintain these systems with regular updates. Further, most cloud providers are compliant with current security regulations, such as HIPAA and FedRAMP. To ensure you are entrusting your data to a vendor that offers maximum data protection and meets your industry’s requirements, you should assess providers’ security practices and procedures, such as how they store data and where the data is stored, as part of your organization’s vendor selection process.
Beyond vetting providers’ security capabilities and practices, many companies mitigate data security risks in the cloud by adopting a hybrid deployment model. This approach gives organizations the flexibility to take advantage of the public cloud to meet some operational needs while sheltering projects that involve highly sensitive data in more secure environments, such as on-site IT infrastructures or VPCs available on the public cloud.
Of course, your organization’s responsibility for data security in the cloud goes beyond making careful choices about providers and deployment models. In a 2019 report, Gartner projected that, through 2025, 90 percent of companies who don’t have adequate procedures in place to control public cloud use will inappropriately share sensitive data and that users will be responsible for 99 percent of cloud security failures. You can address your data’s vulnerabilities through procedural and governance practices and use cloud adoption as an opportunity to implement new security processes. Such was the case with a medical group in California that not only engaged a cloud cybersecurity firm but launched initiatives, such as security awareness training programs, to increase safeguards surrounding the privacy of its sensitive medical records in the cloud.
Data security is just one important consideration to think through as you pave your way forward into the cloud. As organizations increasingly heed the call for more responsible business practices, sustainability also rises on the list of priorities for cloud adoption strategies.
Can my organization achieve its sustainability goals in the cloud?
There is no doubt that the cloud takes a toll on resources. Data centers have voracious appetites for the resources they need to maintain and cool their servers. They consume 10 to 50 times the amount of energy per floor space that a typical commercial space consumes, according to the U.S. Department of Energy. In addition, a typical data center is capable of consuming an estimated three to five million gallons of water a day.
Environmentally conscious organizations should add sustainability issues to their list of questions and concerns when considering the impact of a cloud migration. Fortunately, there are some reassuring indications that the cloud might not be the looming ecological menace these figures would suggest and that the cloud has the potential to, in fact, increase sustainability across enterprises.
According to a recent study, the cloud’s energy consumption has seen a relatively modest rise even as data centers proliferate. Offsetting the potential environmental ravages of data centers is the fact that the large cloud service providers have newer and more efficient digital operating infrastructures than older corporate data centers and use more renewable energy sources and carbon credits. By accommodating multiple tenants and facilitating greater workload flexibility, these hyperscalers can support more efficient server usage and more energy efficiency than in-house data centers. In fact, according to an Accenture analysis, migrations from conventional IT infrastructures to IaaS can reduce carbon emissions by more than 84 percent, and migrations to the public cloud can reduce global carbon emissions by 59 million tons per year.
Additionally heartening is the fact that organizations can exercise some control over the environmental impact of their cloud journey through the choices they make along the way, starting with their criteria for selecting cloud vendors. Just as organizations should take cloud providers’ security practices into account while shopping for vendors, they should research providers’ sustainability practices to make selections that align with their environmental values. It appears many companies are doing just that. A 2022 Gartner article predicted that hyperscale cloud providers’ carbon emissions would be among the top three criteria for cloud service selections by 2025.
Google, AWS, and Microsoft Azure have all launched initiatives to promote sustainability in the cloud. Google Cloud has run on renewable energy since 2017, and AWS and Microsoft Azure ML have pledged to use 100 percent renewable energy by 2025. All three of the public cloud giants have set goals of becoming water positive by 2030, with Google pledging to replenish 120 percent of the water it consumes.
In addition, the top three providers have introduced cloud-native tools that subscribers can use to measure their carbon footprints. This development represents a promising step toward filling a void in tracking the environmental impact of individual entities’ cloud usage. Unlike on-premises energy consumption, tracking and reporting your organization’s cloud footprint can be complicated due to fluctuating demand and pricing. Companies can help minimize the impact of their cloud usage by following best practices for managing resource utilization and optimizing the efficiency of workflows and resource utilization.
Also, innovative IoT technologies enabled by edge and cloud computing can help companies continuously monitor metrics about equipment performance, environmental conditions, and other variables that can inform strategies for improved efficiency and optimized resource utilization. An example of cloud-empowered innovation that supports sustainability is the sensor network developed by CropX to gather and analyze soil data. On the cloud, the agricultural analytics company was able to dramatically scale its analytics platform and incorporate more satellite imagery and real-time weather data, ultimately helping PepsiCo achieve a 25 percent reduction in the water used by its potato farmers in Mexico. Given the cloud’s potential for positive environmental impact, 87 percent of business leaders said the cloud would be critical to reaching their sustainability goals, according to a 2020 Accenture survey.
Transforming Organizational Aspiration to Cloud Migration
Your company’s cloud odyssey is an opportunity to assess—and reassess—your core values and priorities as an organization. From responsible security and sustainability practices to aspirations for digital transformation and innovation, such guiding principles can help your company navigate the options you’ll face in this transformative journey. Ultimately, the path you choose to travel into and within the cloud should reflect thoughtful introspection about where you—as an organization—are today, where you envision being in the future, and the impact you want to make along the way.