This article is originally published on cybernews.
More than one cloud service provider is often used as it not only helps to make use of each provider’s strengths but also reduces companies’ dependency.
It’s only natural that the more cloud providers there are, the more complex task management becomes. The solution to this is multi-cloud management. This powerful set of features seeks to simplify and streamline maintenance by supplying a centralized management platform that is able to interact with the different tools available.
But these perks don’t come without consequences. The more cloud environments, the more possibilities for cloud disasters to happen. Even the most advanced VPNs cannot shield your company from it.
To find out how security incidents can be avoided and how the cloud should be adopted properly, we reached out to Khalil Rizkallah, CEO of Kloudr – a Multi-Cloud Managed Services Provider.
Tell us, how did Kloudr come about? What has your journey been like?
Kloudr is a Multi-Cloud Managed Services Provider born in the cloud. Established in 2018, its roots go back to 1994 when we pioneered the introduction, development, and expansion of cutting-edge Information & Communication Technology services including:
- Distributing commercial internet access client/server products
- Founding ISPs, and establishing the ISP operations for the major incumbents
- Launching the first of many Tier 3 and Tier 4 Data Centres
- Establishing Managed Service Provider professional organizations
Can you introduce us to what you do? What technology do you use to secure data in the cloud?
Kloudr designs, builds, secures, and manages cloud infrastructures. Through our partnerships with Amazon Web Services (AWS), Google Cloud, Microsoft Azure, and Oracle Cloud, we help our customers build and optimize their cloud platforms. The Kloudr cloud architecture is secure by design.
By following the best-recommended practices like AWS Well-Architected Framework, our engineers implement the access procedures depending on the type of service or application. We use our proprietary processes and procedures in conjunction with third-party tools to make sure our customer data is secure on the cloud and immune to data breaches.
What does the process of cloud disaster recovery usually look like? Can everything be restored “back to normal” after an incident?
There are several types of Cloud Disaster Recovery scenarios depending on the availability and criticality of the infrastructure. A near-zero downtime scenario requires a warm Disaster Recovery setup where identical infrastructures run in two regions on the cloud. In case of failure in one of the regions, the service will not be affected and there will be no data loss.
In other scenarios and depending on the acceptable business downtime, a cold Disaster Recovery platform is designed to allow the DR platform to be brought online and data to be restored. The DR strategy is guided by the level of availability of the business and budget. With the right strategy and budget, everything can go back to normal after an incident.
How did the recent global events affect your field of work? Were there any new challenges you had to adapt to?
The recent global events were challenging for everyone, and they changed the way businesses are run. We have seen a much higher rate of cloud adoption with everyone working from home and requiring more flexible and highly available platforms.
With our Operation Centre setup on the cloud, we were able to quickly adapt to the changes and cope with the surge of demand for our services
What types of attacks do you think are going to emerge as a result of the growing use of the cloud and other advancing cybersecurity measures?
- Ransomware. As organisations move more of their data into the cloud, criminals are turning their attention to so-called ransomware attacks, which seek to compromise data stored on the cloud. Ransomware typically involves infecting devices with a virus that locks files away behind unbreakable cryptography and threatens to destroy them unless a ransom is paid, usually in the form of untraceable cryptocurrency. Alternatively, the software virus may threaten to publish the data publicly, leaving the organisation liable to enormous fines.
- Misconfigured services / Human Error. In a security context, human error means unintentional actions – or lack of action – by employees and users that cause, spread or allow a security breach to take place. This encompasses a vast range of activities, from downloading infected attachments by email to using weak passwords and opening your cloud environment wide open to attackers to breach.
What actions can average Internet users take to protect themselves from these new threats?
Education is the most effective method of tackling these threats. Changing work practices, routines, and technologies to systematically reduce the opportunity for error is the best way to start mitigation efforts. Introducing proactive monitoring, minimising privileged access control, and automating where possible.
In your opinion, which industries should be the most concerned with implementing cloud solutions and why?
We believe that cloud adoption is not industry-specific as customers across all industries can benefit from the high availability, scalability, and security of the Cloud.
Some industries that might be bound to compliance and regulations can still use the Cloud for online or public website data, other industries like e-commerce would benefit the most from the auto-scaling feature of the cloud to cater to traffic surges during specific promotions.
As more companies move their workload to the cloud, are there any details that might be overlooked when making the switch?
Security and cost optimization are two important factors not to overlook when making the switch. Security on the cloud is a shared responsibility and customers cannot only rely on the security of the cloud providers. They also need to properly secure their infrastructure.
Cost control and optimization are also critical as the cost of the cloud can quickly skyrocket if it’s not properly managed. Therefore, it is very important to work with a Cloud Managed Service Provider like Kloudr who can help secure and optimize the cloud platform.
And finally, what’s next for Kloudr?
Our aim is to maintain the level of service we provide to our customers as they rely on us to optimize their platforms and ensure the highest levels of availability and security.
We will continue our geographical expansion as we follow the sun and provide 24/7 proactive support with Service Level Agreements.
