Cloud service models and responsibilities
Cloud adoption is spreading rapidly and it represents a new opportunity manufacturing organizations should not ignore because of the strong potential impact. However, manufacturing organizations are taking a cautious attitude toward cloud computing because of concerns cloud solutions might not comply with their security policies and respective regulatory obligations.
Manufacturing organizations choosing to use cloud services must specify requirements for their software applications and data that satisfies the needs of their business processes. They must be able to use systems and resources in the cloud within reasonable tolerance levels, which may include responsiveness of the user interface, time taken to execute activities and overall availability of data and software applications in the cloud. These are critical factors to consider especially if you want to run some real-time applications because cloud solutions could very well NOT be the best option for your manufacturing operation.
Cloud computing expectations
Manufacturing organizations naturally have strict expectations of cloud performances they’ve gained from experience in managing their own on-premises systems and resources, and dealing with various suppliers of hardware, software and communications services. To meet these expectations when moving to cloud, manufacturing organizations must exercise due diligence because no consistent cloud security standards have been commonly accepted, but there are still so many standards.
It is important for each manufacturing organization to have its own, well-defined set of security requirements to be able to achieve the maximum benefits from cloud solutions. This is because the cloud service provider (CSP) may have a different set of approaches, best practices, and most importantly, level or quality of security posture that might not stand up to the manufacturer’s requirements.
Cloud computing, by its very nature, is about losing control over software applications and data assets, as well as the processes and procedures to protect them. According to the Cloud Security Alliance (CSA): "Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties."
This means as cloud solutions are adopted, manufacturing organizations are choosing to place a great deal of trust in the hands of CSPs. The level of trust and the degree to which critical control is shared or granted will depend on the cloud service model adopted (see image).
Goran Novkovic, MESA International. This article originally appeared on MESA International’s blog. MESA International is a CFE Media content partner. Edited by Chris Vavra, production editor, CFE Media, firstname.lastname@example.org.
See additional articles from the author linked below.