-
Featured services
Think beyond the robots
The successful integration of AI and IoT in manufacturing will depend on effective change management, upskilling and rethinking business models.
Read the blog -
Services
Leverage our capabilities to accelerate your business transformation.
-
Services
Network Services
Popular Products
-
Private 5G
Our turnkey private 5G network enables custom-built solutions that are designed around unique use cases and strategies, and deployed, run and optimized through a full network-as-a-service model.
-
Managed Campus Networks
Our Managed Campus Networks services transform campus networks, corporate area networks and interconnected local area networks, and connect smart places and industries.
-
-
Services
Cloud
Popular Products
-
Cloud Architecture and Modernization
Discover how to achieve your business goals through cloud modernization practices, that deliver improved agility, reusability and scalability.
-
Cloud Optimization
Discover how to maximize operational excellence, business continuity and financial sustainability through our cloud-advanced optimization services.
-
-
Services
Consulting
-
-
Services
Data and Artificial intelligence
-
Services
Technology Solutions
Client stories
-
Services
Data Center Services
-
Services
CX and Design
-
Services
Application Services
-
Services
Sustainability Services
-
Services
Digital Workplace
-
Services
Business Process Services
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
-
Insights
Recent Insights
-
The Future of Networking in 2025 and Beyond
-
Using the cloud to cut costs needs the right approach
When organizations focus on transformation, a move to the cloud can deliver cost savings – but they often need expert advice to help them along their journey
-
Make zero trust security work for your organization
Make zero trust security work for your organization across hybrid work environments.
-
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
-
Master your GenAI destiny
We’ll help you navigate the complexities and opportunities of GenAI.
Explore GenAI -
Discover how we accelerate your business transformation
-
About us
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
-
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
-
CLIENT STORIES
-
Liantis
Over time, Liantis – an established HR company in Belgium – had built up data islands and isolated solutions as part of their legacy system.
-
Randstad
We ensured that Randstad’s migration to Genesys Cloud CX had no impact on availability, ensuring an exceptional user experience for clients and talent.
-
Everest Group PEAK Matrix® Assessment
NTT DATA is a Leader and Star Performer in the Everest Group Sustainability Enablement Technology Services PEAK Matrix® Assessment 2024.
Get the Everest report -
- Careers
Topics in this article
In 2021, McKinsey found that cloud adoption by US Fortune 500 organizations could generate about USD 1 trillion in value by 2030. Late in 2022, they extended this forecast to Forbes Global 2000 organizations, which bumped up the figure to USD 3 trillion by 2030.
The cloud is clearly becoming the engine of enterprise operations. Yet, despite this growing dependence on the cloud, one important topic is often overlooked: security.
Some organizations have a limited understanding of cloud hosting and don’t know how to secure their cloud workloads, while others believe that security is solely the duty of the cloud service provider. Either way, the absence of proactive security measures leaves them vulnerable to potentially serious breaches.
In the financial services industry, for example, a breach could affect business continuity and disrupt services such as mobile money, internet banking and ecommerce platforms – damaging brand perception and loyalty, and ultimately leading to customer attrition.
No strategy means more risk
Organizations that want to migrate services to the cloud need a specific cloud strategy to support these goals and their overarching business objectives – yet many don’t. Their adoption of cloud computing is instead driven by less well-considered reasons: “We should move operations to the cloud because our peers or competitors are doing it, so it must be a good thing.” Or, even worse, “We allocated funds to this in our budget that must now be spent.”
Security should be a key element of any cloud strategy. For reasons of accountability and liability, cloud service providers adopt a model of shared responsibility with their clients, depending on the type of cloud computing service they’re providing – infrastructure as a service, platform as a service or software as a service. So, the cloud strategy must set out the client organization’s security obligations within a secure-by-design architecture that proactively mitigates risk.
The threats associated with cloud computing include:
- Insecure application programming interfaces (APIs): A major risk: amid the proliferation of IoT devices and data-based applications, there is also a higher number of system and application integrations to support data-based decision-making.
- Malicious insiders: Users with malicious intent may already have access to cloud servers and administrative functionality, which means they can easily launch attacks.
- Denial-of-service attacks: These render cloud-based business services inaccessible by shutting down or severely slowing network traffic, for example.
- Misconfiguration: On the infrastructure side, subnets, load balancers, virtual machines and other technology may have misconfigured settings that could leave an organization vulnerable to data breaches.
Keep an eye on compliance and assurance
Another risk area is legal and regulatory compliance. Under the European Union’s General Data Protection Regulation (GDPR), for example, even less severe infringements can lead to a fine of EUR 10 million or 2% of a firm’s annual revenue, whichever is higher, or up to EUR 20 million or 4% of a firm’s annual revenue for more serious violations. In our globalized society, most countries have now put in place legislation on data protection and privacy.
Assurance – the process of ensuring that customers receive the services they have paid for smoothly and effectively – is also a vital area, as it limits interruptions to company operations. This means services must be accessible when they are needed, and data that is saved or processed in the cloud should not be intercepted or changed without accountability. Most importantly, only employees with the appropriate access rights should be able to access the data.
Therefore, organizations’ cloud strategy and security policies must address these issues.
Who looks after what in cloud services?
The shared responsibility for security in cloud-based ecosystems is typically divided as follows:
- Client organizations are responsible for authentication and access control; the encryption of client data or at server and network level; customer data, platforms and applications; and the operating systems, networks and firewall configurations that form part of their core infrastructure.
- Cloud service providers take care of the machinery that supports their cloud services, including facilities, networks, hardware and software. While software security criteria relate to computing capacity, storage management, databases and networking, for example, the hardware criteria take into account regions, Azure Edge Zones and Amazon Web Services (AWS) Availability Zones, among others.
Automation makes life easier
Organizations can address cloud security issues in several ways, but it can become a pricey exercise – both financially and in terms of potential security breaches.
Automation can help to maintain consistent security levels across rapidly changing on-premises and cloud-based environments while allowing organizations to meet their goals for time savings, agility, scalability and cost-effectiveness.
In this way, they can automatically monitor cloud-based applications and infrastructure on major platforms (including Google, Microsoft, AWS, SAP, Oracle Cloud Infrastructure and Verizon), continually improve their security posture and maintain their compliance with data and security regulations.
How we can help
The cloud delivers many advantages to organizations, but it also comes with unique security challenges. Cloud-based infrastructure is very different from on-premises data centers, and traditional security tools and strategies do not apply.
That’s why, at NTT DATA, we have tailored a range of managed cloud infrastructure services – including Managed Public Cloud, Managed Private Cloud and Managed Infrastructure Services – that cover all your organization’s cloud needs, end to end. We have more than two decades of experience and accredited expertise in a variety of cloud environments, and we’ll find the cloud solution that’s best for your organization.