'Absolute garbage': Comm Bank CIO dismisses security, data sovereignty as cloud barriers
- 13 November, 2012 18:19
Commonwealth Bank CIO Michael Harte today told participants at a Sydney event organised by Amazon.com's cloud computing arm, Amazon Web Services (AWS), that data sovereignty and security have been used as unjustified excuses to stop businesses moving to the cloud.
"The favourite [excuses] I used to hear when I talked to the big household names in infrastructure equipment was, 'It doesn't look very secure Michael. You can't do that. And there's data sovereignty; you'd want to look very, very carefully at that. And this on-demand pricing — no we just can't do that we've got rules saying specifically we can't."
Harte condemned the excuses as "absolute garbage".
CBA has shifted a dozen on-premise applications to the cloud, Harte told the audience at AWS's Customer Appreciation Day event. "The operational cost reduction is huge," he said.
"We've halved storage costs, we've halved most of our app testing and development cost. We've got a wide range of technology functions as a service. We've got application development, testing, infrastructure, software and storage."
Harte said the bank was looking for a "40 per cent improvement in pricing across all the things that we consume as a service".
"We've saved already tens of millions of dollars in the small initiatives that we've done. And we're looking forward to saving hundreds of millions of dollars buying specified services on demand."
Beyond costs, Harte said the benefit of cloud was in changing the relationship of IT with business partners within an enterprise — "the happiness that you can get from your business partners because you're delivering services up on demand within minutes or within days rather than within days, months, weeks, that it normally took."
Harte said that Australian businesses haven't moved fast enough to embrace cloud and urged the audience to "get in front of the executive committees of your business and talk to them about the ways we can free up spending and make IT a valued partner".
AWS overnight publicly launched its Asia Pacific (Sydney) Region, offering customers access to two data centres.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- The TCO and Security of Enterprise Grade Mobility
- Best Practices for ERP Implementation
- Social Media Toolkit: Example Social Media Policy
- Migrate From Solaris with Confidence
- Businesses are ready for a new approach to IT - Simplify deployment and reduce complexity using systems integrated with expertise
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
Endpoint Security and Virtualisation
Besides form factor, virtual systems are not really that different than physical systems. They both use the same operating systems and applications. They both present users with computing resources such as RAM and hard drives. Consequently, the ability to exploit vulnerabilities in a physical environment will present a significant threat to virtualised environments as well. This paper examines the different endpoint security methods for virtualised environments and presents how Endpoint Protection security provides optimal performance, protection and manageability.
Securing the Promise of Virtualisation
For today’s enterprise, this whitepaper identifies three general areas of risk associated with risk; those that are traditionally areas of risk, the hazards that are exclusive to virtualisation and the more recent set of risks that are associated with newly formed hybrid environments. Read more to find out how to keep pace with evolving threats, quicker provisioning and dynamically mobile workloads.
New Demands for Real-time Threat Management
Many organisations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today’s dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organisations need to embrace two new security practices: real-time risk management for day-to-day security adjustments and real-time threat management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., advanced persistent threats, or APTs). Learn more.