During a chat at the annual F5 Agility event held in Singapore last month, Edwin Seo, Solution Architect at F5 Networks Singapore, agreed that security served as a primary reason as to why a quarter of Singapore enterprises are still not jumping on the cloud bandwagon.
"Based on the study, about 68 percent of the respondents highlighted security as their biggest stumbling block. I believe that for organisations like F5 - it's our duty to help them not only start looking at cloud services, but also equip them with technology and make them aware that it is actually safe to do certain things in the cloud," said Seo.
"Not everything, but certain things," he emphasized.
For instance, in the banking industry in Singapore, Internet banking that runs over HTTPS is regarded as secure. But what happens to key security? Seo believes that it should always be maintained on-premise - within the bank's own backyard and maintained by the bank's own personnel, rather than outsourcing it to cloud.
"Of course we do have the vehicle to securely store some of these keys in the cloud; but for certain industries like FSI, it may be better to have a hybrid strategy. There are certain things you can protect in the cloud, and there are certain things, like decryption, which you should do on-premise," said Seo.
Joining in on the conversation, Julian Eames, Executive VP, Business Operations, F5 Networks, added that besides security concerns, organisations also tend to have issues with the "reliability and robustness" of the cloud itself.
"In the early days, some of the applications that cloud providers are dealing with is not necessarily real-time critical. This is primarily because the uptime of that surface was not as good as running your own data centres. So if you are transacting orders and producing invoices, obviously it's real time. If you didn't put that out in the cloud in that point in time, that would be an issue as various cloud providers have upped their game in terms of infrastructure that they've got and the level of uptime that they would guarantee for their clients," he explained.
F5 initiatives in boosting cybersecurity
In lieu of the F5 Agility event, F5 also announced two key security developments for enterprises to protect their web applications: a new global Security Operations Centre (SOC) facility located at the company's headquarters in the United States, and its new cloud-delivered web application firewall (WAF) service.
The SOC supports customers using the Silverline cloud-based application services platform by providing round-the-clock access to F5 security experts who monitor global layer 4-7 attack activities in real time.
"With the SOC in place, we now have the ability to look at the whole security market - watching attacks taking place from different countries at all times. When the Charlie Hebdo attack was happening in Paris, we watched attacks going in on to the media in Paris from all over the world, not just the Arabian countries," said Eames.
Sign up for CIO Asia eNewsletters.