As digitization continues, more and more business-critical applications and processes are migrating to the cloud. This is a big challenge, especially for companies operating internationally, as they place special demands on cloud or e-commerce systems. Christoph Herrkind, German spokesman for WIIT, explains what is important and how important an integrated approach is.
Mr. Herrkind, due to the ongoing digitization, more and more critical applications and processes are migrating to the cloud. What companies need to pay special attention to?
Christopher Herrkind: By migrating to the cloud, companies are changing their internal organization and setting the course for transformation to a digital company. As numerous studies among international companies have shown, introducing a modern as-a-service model is the most effective approach, because it allows to achieve the highest return and the fastest return.
For the success of the as-a-service model, it is important that it is fully adapted to the company and business model. Depending on the feasibility of a zero data center strategy or existing edge computing requirements, it is recommended to choose a combination of private and public clouds. Equally important is the model of integrated managed services with experience and know-how in the areas of business-critical applications and the most important middleware platforms (SAP, Microsoft, DB, etc.). In addition, SaaS and PaaS platforms (Salesforce, Office365, ecc9, etc.) play an important role in reducing time to market and achieving value.
What companies definitely need to consider when migrating to the cloud is the security of their data. Therefore, they should opt for cloud services where “cybersecurity by design” is an integral part. As the threat of cyber attacks continues to increase, it is essential that cybersecurity is built in to all processes to ensure optimal protection of your data and operations.
The threat posed by cybercriminals is growing every day. What criteria must a cloud offering meet to provide the best possible protection?
Christopher Herrkind: Cybersecurity only makes sense holistically and 24/7, so it must be an integral part of the as-a-service model.
The configuration of a cybersecurity solution must correspond to a specific company with all industry-specific business requirements. This means that, for example, e-commerce companies need special services to detect and defend against daily attacks. Manufacturing companies, on the other hand, need to focus more on internal phishing attacks and security of operating technology (OT). In addition, all businesses, regardless of industry, need to protect their intellectual property and proprietary or confidential information that is often stored on unsecured public cloud platforms. Privileged access control and mobile security are also industry-independent requirements.
From our point of view, the most important cybersecurity components include SOC (Security Operations Center), highly developed threat analysis systems, NOC (Network Operation Center) and EDR (Endpoint Detection and Response), which are fully integrated with the managed cloud of services at the operational level ensuring a quick response and immediate rescue.
To what extent do multinational corporations’ cloud and security requirements differ from those of companies operating at national or regional level?
Christopher Herrkind: MNCs typically require a wider range of services. Only in this way can they meet regional cybersecurity requirements and adapt their services to regional realities and business requirements. The individual locations of the group often vary greatly from region to region. For example, in one location we focus on production and in another on sales.
Even for two locations that have the same purpose but are in different countries, there can be big differences and different platforms are used. Various mobile payment platforms such as Chinese WeChat play an important role here. In China, paying via WeChat is normal, but the platform is not widely used outside of China. A comprehensive approach to cybersecurity of an international corporation must therefore take into account a global model with regional business solutions.
Many things can go wrong when moving your data, applications, and infrastructure to the cloud. What are the most common mistakes and pitfalls you see?
Christopher Herrkind: That’s right, a lot of things can go wrong. Therefore, companies must be able to rely on proven competences, many years of experience, international standards and reliable references, especially when it comes to business-critical applications.
The most common pitfalls are, for example, mapping worldwide networks or extending to SD-WAN. These tasks are time-consuming and critical to high-performance hybrid cloud model integration.
Application mapping is also a common hurdle. Migration requires an application-level approach. It is not only about migrating a virtual machine to a virtual machine. Clients run dozens or hundreds of different applications that are fully connected. Therefore, an approach that takes into account the linkages, criticality, priorities, and relationships between applications is necessary.
Customers are used to having in-depth discussions during the new cloud provider’s evaluation process about the methods, plans, experiences, and credentials that are critical to success. Migrations are our bread and butter, but to make them comfortable and hassle-free for our customers, highly skilled technical and design skills are required. Only with years of experience in migrating highly critical business applications from on-premises to private cloud, from public cloud to private cloud or vice versa, but also from region to region, can you offer your customers the best solution.
How do you rate the German cloud services market?
Christopher Herrkind: Germany is generally one of the countries with the greatest “cloud readiness”, but also a country with high standards of legal compliance. It is the largest cloud market in Europe, but companies in Germany have not yet made much progress in adopting the cloud model. A large proportion of companies’ applications in this country are still on-premise or supported through colocation services in separate environments. In Germany, however, we see very good further development and enormous potential, as is currently the case in Italy and France.