As many organizations shift elements of their IT infrastructures to the public cloud, they must be aware of the new risks this move carries. Often, organizations make the false assumption that, in outsourcing the ownership of hardware and data center operations, they have also outsourced security to the cloud service provider.

While this is partially true because the organization is no longer required to deal with physical and infrastructure security, stakeholders are still responsible for compliance, data security, application security and possibly platform security if they are managing their own virtual machines or containers. A CSP’s documentation of the shared responsibility model will explain in more detail where it delineates responsibility.

In the world of risk management, we spend a lot of time preparing for the unexpected, because we know that unexpected events will inevitably occur. This mindset colors everything we do in our professional careers and often spreads to our personal lives as well. I’ve endured eye rolls from my children when I forced them to participate in fire drills, what-if disaster scenario discussions and other preparedness exercises. But I know that thinking through how we would handle a surprising situation in advance arms us with a plan of action should it actually occur.

Does your organization have a plan of action in the event of a major cybersecurity incident? Sure, you likely have an incident response plan sitting somewhere on a shared drive, but is it covered in digital cyber dust, or is it an active document that the team embraces as part of a daily routine? Regular practice helps keep your plan fresh and your team prepared to spring into action at a moment’s notice. CDW offers two services designed to shake that cyber dust off of your plan.

Cloud governance is a framework that guides how end users make use of cloud services by defining and creating policies to control costs, minimize security risks, improve efficiency and accelerate deployment. It’s imperative to have good cloud governance because it’s a foundational element to your cloud practice that provides the ability to scale and be successful.

Migrating to the cloud is an exciting journey as it provides greater flexibility to the IT teams for creating resources and provisioning them. Gone are the days when it used to take weeks and months to request resources and additional provisioning from the infrastructure teams. Cloud vendors now provide the capabilities to create resources such as compute instances plus add-on software, databases, firewall groups, storage, etc. via APIs.

The cloud-provided capabilities are very powerful and can potentially bring many inconsistencies and resource ownership issues into the environment.

Startup founders sometimes view IT as a matter for mature companies — something to worry about down the road. In fact, technology should be part of strategic planning regardless of a company’s age or size.

The right solutions facilitate growth, increase agility and strengthen cybersecurity, all of which advance business development. Conversely, technology becomes a roadblock when startups lack the time, expertise or resources to reach the most critical milestones in a startup’s lifecycle: problem/solution fit, product/market fit, monetization and scale.

The social and economic upheaval related to the COVID-19 pandemic has underscored the importance of agility and the powerful ways in which it can be enabled by technology. Startups with a solid technology foundation are more likely to possess the resilience to ride out the storm and, perhaps, emerge even stronger.

The promises of the CMDB have been around a long time. The Information Technology Infrastructure Library (ITIL) popularized the concept back in the 1980s and 1990s as a foundational element of IT service management.

The benefits are clear: having a trusted data source with a rich set of relational information provides organizations with decision-making capabilities to support more efficient operations, better user experiences and proactive mitigation of risk. The marketplace has no shortage of services, technologies and service management platforms that support and rely on the CMDB. A CMDB, and by extension, the capabilities it enables, continues to be an important goal for organizations, even more so now considering the impact of digital transformation.

The fact that compliance efforts can be challenging is no surprise to IT professionals and managers. Today’s regulatory environment is full of security and privacy regulations that place strict limits on the collection, handling and storage of sensitive information, and IT teams often find themselves responsible for the heavy lifting of compliance programs.

I recently had the opportunity to visit with a retailer that operates a large contact center to support its international chain of stores. The company was in the early stages of reviewing its compliance obligations and asked us to find ways to modify business practices to reduce the scope of its compliance efforts. After reviewing the company’s activities, we discovered a few small changes in the way the company handles information that could dramatically reduce its compliance burden. Organizations across industries can draw lessons from this experience as they seek to reduce their own costs of compliance.