Despite the heavy investment in contact center cloud migration predicted for 2019 (over $3.5bn) around half will stall or fail. There are a number of reasons why this might happen.
This post is the third in a series of blog posts on the reasons why cloud migrations fail and the strategies for mitigating the risk.
Moving from a centrally controlled on-premise contact center which has had no security issues or data breaches to a publicly hosted service with little or no organizational control can be daunting.
At the same time as contact centers move from a situation where they manage all process, systems and technologies to a managed service provided by the cloud vendor the expectation can be that the platform-native security controls are sufficient.
This is not necessarily the case.
Vendors will generally provide a basic level of security however, 80% of cloud breaches are expected to be caused by misconfigurations and management of the security controls found natively within the cloud platform.
Organizations need to do more to ensure that the security on their cloud platform meets their needs.
As mentioned in the first blog of this series Cloud migration failure: every cloud has a different lining, there are a number of different cloud strategies available. Private cloud is an option for particularly sensitive data as it offers increased levels of security, however, it can be very expensive.
Is there another answer?
Organizations need to supercharge their cloud providers security standards and here’s how:
- Setting a minimum-security standard that cloud providers need to adhere to will help with the vendor selection and ensure consistency across platforms;
- Detail where the gaps are in the cloud provider’s security provision and supplement them with your own standards and initiatives;
- Ensure you have the right talent onboard to implement and drive the security initiatives that are appropriate for the new cloud technology;
- Confirm that your chosen cloud provider(s) conduct frequent audits and reviews or their security and compliance standards and that updates are done regularly.