Meet Kion at the AWS Public Sector Summit - best practices, swag, and more at our booth! Learn more

Blog Continuous Compliance

An Abundance of Variables Means 100 Percent Security Is Not Realistic

5 min read

Last updated on March 16th, 2022 at 12:28pm

The business world has seen a great shift — everyone is leaving data centers behind and moving to the cloud — especially growing companies. Many do it for security reasons, others hope for easier management and lower risk associated with data loss and breaches.

However, moving complicated systems to the cloud is not always as easy as it sounds. While it increases data security to a certain level, there are still variables that need to be properly addressed, such as securing and encrypting the company's network and all the devices connected to it with the use of a VPN. Proper and efficient cloud management is especially important.

With that in mind, Cybernews sat down to talk with Joseph Spurrier, Chief Technology Officer and Co-Founder of Kion, a cloud enablement service provider. We discussed what is most important when migrating a business to the cloud, what are some of the risks associated with the cloud, and how to best deal with them.

Can you tell us a little bit about what you do? What is cloud enablement?

At Kion, we combine cloud governance and management to bring organizations an all-in-one cloud enablement solution that empowers them to achieve the full benefits provided by the cloud. Cloud enablement is an approach that restores consistency and control to cloud users while also improving the enterprise cloud experience.

Kion makes cloud enablement possible by focusing on three core pillars: Automation and Orchestration, Financial Management, and Continuous Compliance. Instead of these areas being done in siloes, we enable teams to work together so that the cloud is shaped to a company’s needs, rather than companies being shaped to the cloud’s needs.

What are the main challenges companies run into on their cloud journey?

Organizations have been rapidly migrating to the cloud, yet many of them experience significant challenges that ultimately stop them in their tracks. The biggest blockers to cloud adoption are budget overruns, overall security concerns, and possible technical issues/outages. Many organizations are unaware of their spending in the cloud and do not have the necessary resources in place to identify overspend. Once they experience a budget overrun, they have to pause their cloud adoption immediately. On the other hand, many organizations also experience technical issues/outages that are typically associated with not leveraging a multi-cloud approach. Organizations that lock themselves into a single provider, giving them all of the keys to the kingdom, are negatively impacted when an outage occurs.

How do you think the pandemic influenced your industry?

The pandemic caused organizations, regardless of industry, to undergo their own digital transformation. As society shifted to the “new normal” of working remotely or hosting virtual classes, organizations needed to determine how best to utilize either new or existing resources, especially as it pertained to cloud adoption. This is why we have seen surging cloud adoption and spending. Now that organizations have adopted the cloud, the true challenge is ensuring that they have the proper procedures in place to not only take advantage of these resources but put in place guardrails to prevent negative compliance or financial consequences.

Many companies have chosen cloud solutions to enhance security, but is it truly a flawless option? Are there any risks that might be overlooked?

Security is an ongoing initiative, and no company can be 100% secure because there are many variables in the equation, many of which rely on other vendors and cloud providers. The goal with security is to minimize your risk to an acceptable level. It’s a balancing act between how much to spend and how secure you want to be. Our software provides customers with a framework to prevent, detect, report, and remediate in the cloud, but there are still vulnerabilities in the process and people that software simply can’t fix. Risk analysis is key for companies to enhance their security posture.

How did Kion originate? What was your journey like throughout the years?

Kion started as an internal research and development project inside of a professional services organization. We built the predecessor to Kion as a cloud management tool when we couldn’t find one solution that addressed all of our needs. After seeing initial interest and success with customers, we launched as a separate entity to address the challenges companies face when growing in the cloud. We started with 8 employees and now, more than 3 years later, we have over 50 employees in our post-Series A company.

In your opinion, which industries should be the most concerned with implementing cloud solutions and why?

The industries that should be the most concerned are those that have experienced a lot of growth, especially during the pandemic, like tech companies, healthcare, education, and government. These are just a few examples, but they benefit from cloud solutions because it takes longer to expand a data center than it does to expand in the cloud. If your business requires you to grow, you don’t want to be slowed down by a procurement process.

Besides moving to the cloud, what other security measures do you think are essential for businesses nowadays?

Cybersecurity, in general, is increasingly important as more workloads move to cloud environments. There are more available attack vectors and a greater chance for misconfiguration in the cloud because the difference between public and private data is sometimes just a checkbox. Defense in depth will also be necessary regardless of the technology you’re using. The balance is how much defense before it starts affecting productivity. Internal training is also essential because people are typically the weakest link in any system - you need to make sure your teams know what to do to protect themselves, as well as the company, from malicious attacks.

Talking about average Internet users, what personal security tools do you think will become widespread in the near future?

Multi-factor authentication should be a requirement for most services today because it really does decrease the number of successful attacks by a large margin. It’s a low-cost investment with a big impact. I also see better identity management becoming more widespread in the near future. I look forward to a day where we won’t need a password manager and instead can use a single MFA device with a pin that we can easily rotate on a regular basis for all of our accounts.

Share with us, what’s next for Kion?

We’re building out additional integration with Google Cloud and adding some cool features that will give organizations even more visibility into all of their cloud resources. Stay tuned!

Start your cloud enablement journey.

Request a demo today,