Blog Posts Business Management

Cloud can mean better security, not less security

Blog: Capgemini CTO Blog

The benefits of cloud and automation are clear to a huge number of businesses, but security concerns continue to slow down access to the full business value they promise.

Seventy four percent of IT leaders say security concerns have restricted their move to public cloud, and in a recent IDG survey of IT directors and CIOs, security topped the list of barriers impeding or stalling cloud infrastructure deployments.

Cloud security concerns fall into three broad types:

Beating security challenges with cloud automation

While these concerns are legitimate, businesses simply cannot afford to let security challenges hold them back from embracing cloud technology. Especially since cloud also offers security advantages.

Cloud automation, in particular, can provide built-in solutions to many common cloud and traditional security concerns. The Capgemini report surveyed IT leaders from 415 companies in North America, Europe, and Asia Pacific, at various stages of applying automation to their IT operations, and found many are gaining significant security advantages.

We are driving an ‘intelligent security’ strategy—fundamentally rethinking the way we do business that raises the bar for technology, and automation is a major element in our strategy, ” said Jens Ekberg, Vice President for Technology and Transformation at Securitas, a Sweden-based security services firm.

Rather than fixating on the basic security concerns surrounding public cloud, business and IT leaders should be thinking about how they can use cloud technology to automate their security processes  for cloud solutions. Virtually risk-free security is achievable using new solutions such as security as code (SaC) and infrastructure as code (IaC) architecture to automate security processes.

Deploying SaC/IaC automation correctly can help a business:

Building security into code with DevSecOps

DevOps has proven to be a very beneficial approach for companies adopting cloud technology. Adding security to the mix makes it even stronger. DevSecOps automates core security tasks by embedding security controls and processes into the DevOps workflow, putting security front and center throughout the development and deployment process.

Security as code is one of the three main ways of upgrading DevOps to DevSecOps. The concept ensures security is integrated into products during development, and promotes tight collaboration between security and development teams – the same kind of collaboration that has made DevOps such a successful and broadly-adopted approach.

For businesses still hesitant about the security of cloud technology, it’s time to zoom out and see the bigger picture. The flexibility of cloud is fundamental to collaborative and automated development and deployment processes, and now companies can weave security into that same fabric, ensuring consistent protection against the very threats that many believe the public cloud will leave them exposed to.

To find out more about the state of cybersecurity in the age of cloud automation, visit the Capgemini security page or read The automation advantage report.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples