The COVID-19 pandemic disrupted regular operations for businesses across Quebec. Adjusting was easier for some than others, however, and those with more flexible IT infrastructure fared better. More specifically, cloud computing proved to be a valuable risk management tool because made it facilitated change deployment and protection initiatives.
“But you can’t take half measures,” cautions Dominique Derrier, who is the chief information security officer at NOVIPRO, a firm that specializes in business, IT and cloud computing solutions. “Moving servers to a subcontractor’s data centre isn’t enough. You’ve also got to change your everyday habits and standard operating procedures.”
According to Mr. Derrier, a successful transition to cloud computing involves transforming the company’s relationship with its IT consumption. “If you switch locations but maintain a 1:1 ratio, you don’t gain anything in the long run.”
When it’s time to see a specialist
When companies switch to cloud computing, they start thinking about their hardware and software infrastructure as a pay-per-use service, rather than as a product. Outsourcing your IT infrastructure to a specialized provider gives you the opportunity to deploy additional capacity in a snap with minimal disruption to your operations. This can be a significant advantage when you need to radically reorganize the way you work, as was this case during last spring’s lockdown.
“[Manufacturers] suddenly had to find ways to maintain production with a fraction of their personnel,” explains Fourkane Irki, a systems analyst at NOVIPRO.
But if you want to overhaul your production line quickly, you need large volumes of operational data and AI-driven decision support systems. “Before you can optimize, you need accurate metrics,” says Mr. Derrier.
Once things get back to normal, the same approach will be used for things like determining effective maintenance schedules that support optimal production efficiency.
Protecting your operations and assets
Treating software like it’s a service can also help protect your business operations and assets. That’s because software as a service (SaaS) is something that’s constantly updated by providers, who are also responsible for developing and/or hosting it. This relieves companies of a task that is crucial, but doesn’t create value in itself.
“Corporate IT departments simply don’t have time to apply security patches,” says Mr. Derrier. “That’s why some of the most damaging security breaches in 2020 were enabled by vulnerabilities that we’ve known about since 2017.”
Continuous improvement
A good cloud provider will automatically deploy patches, new features and additional capacity, thereby reducing the risk of human error—a threat that’s now ten times higher because work-from-home arrangements have decentralized so many organizations.
“Employees have become the target and the risk exposure window can be hard to determine,” says Dominique Derrier. “How do you protect offices that are in employees’ homes?”
Companies can gain flexibility and minimize human error risks by opting for cloud computing software that was developed with serious consideration to security at every stage—from design through to post-implementation monitoring, through an approach known as DevSecOps.
Organizations that had already switched to cloud computing before the pandemic found it easier to adjust to the new reality. The spring lockdown measures posed a bigger problem for the rest.
“A lot of businesses effectively hit the panic button,” says Mr. Derrier, the CISO at NOVIPRO. “With a matter of days, they had to deploy virtual private networks (VPNs) to protect all their operations and prevent service interruptions. Ultimately, some ended up taking shortcuts and that put their security at risk.”
