I recently hosted a webinar with my Guidewire colleague Caleb Merriman and Amazon Web Services (AWS) Global Head of Financial Services Partner Technology, Peter Williams. The focus was application security in the cloud from the perspectives of the cloud service provider (responsible for security OF the cloud) and the customer (responsible for security IN the cloud).
Cloud computing security concerns have been a barrier to adoption cited by enterprise customers for years, but in the last 18 months that appears to be changing. In a recent survey of our customers, the overwhelming majority of them are planning to expand their use of the cloud in in the coming year. In addition, 66% of them have adopted a “cloud-first” policy, and 20% have established a Cloud Center of Excellence.
In the webinar, Caleb, Peter, and I discussed the following questions:
Is it reasonable to run mission-critical enterprise applications in a public cloud?
Can carriers who are running enterprise applications on-premises continue to use the same security approach, tools, and processes in the cloud?
What are some examples of cloud security services that are better – more scalable, more robust, more cost-effective – than equivalent services and processes on-premise?
How does compliance in the cloud compare to on-premises?
What is the cloud’s relationship to Europe’s General Data Protection Regulation (GDPR), set to begin on May 25, 2018?
Who has primary responsibility for security in the cloud?
What kinds of challenges, security or otherwise, do financial services customers face the most as they adopt the cloud?
What changes has Guidewire made internally and externally as we offer more SaaS services and as we increasingly become a service provider?
For more about our cloud security perspective, please read my recent blog post, Information Security in the Age of the Cloud. My colleague Ryan Smith also recently wrote Is Your Data More – or Less – Secure in the Cloud, in which he offers his thoughts about the recent Celent whitepaper, Security for Core Insurance Systems in the Cloud. And please visit Guidewire’s cloud page to learn more about our thoughts and activities in the cloud.