Security Imperatives for Communications Service Providers

Business securityFor years, communications service providers (CSPs) have ridden the crest of the wave; business was booming, and sales were good. During the last decade, Internet usage exploded as the number of users grew from 745 million to 3,035 million. CSPs could be forgiven for forgetting what happened to many retailers when consumers switched their buying habits from brick-and-mortar establishments to online purchasing.

However, as the saying goes, all good things come to an end. CSPs are now facing increased competition and lower revenues, and they are seeking new ways to boost income and profitability.

Apart from intense competition, they are confronting other challenges such as losses due to inefficient business practices, fraud, and security breaches. These challenges threaten their profitability and indicate the need for proactive measures to stop these losses and increase operational efficiency.

Learning from the Retail Industry

In many ways, CSPs are facing what store-based retailers, also known as brick-and-mortar stores, experienced during the early days of Internet shopping; at this time, they started to feel the pinch as online retailers began to undercut their businesses.

Prior to this, retailers’ main concerns were local competition from other retailers. They didn’t grasp the significance of the threat created by emergent online retailers until they experienced reduced revenues as their customers, attracted by the lower prices such operations could offer and their ability to sell a far wider range of products than the brick-and-mortar retailers could stock, left in droves.

By this time, much of the damage had been done, and many brick-and-mortar retailers did not recover.

Impact of Market Forces on CSPs

Inevitably, the same market forces that caused the demise of well-established brick-and-mortar retailers are now hitting CSPs, and, in many ways, they are equally unprepared.

Their initial responses were to offer faster and better services, but these changes came at significant costs due to the expense of upgrading fixed line infrastructure, installing fiber cables, and purchasing hardware to increase broadband speeds and to extend their reach to wider segments of the population.

Also, in the face of competition and regulatory pressure, CSPs have tried to increase turnover by engaging in price wars, offering value-added services, and bundling products. They are also engaged in massive cost-cutting exercises to reduce fixed costs and improve profitability. Nevertheless, many CSPs are facing a difficult future.

Initial Interventions

In addition to CSPs’ efforts to boost revenue by cutting costs and improving services, several surveys showed they were losing as much as 10 percent of their gross revenue through inefficient business practices, poor business management, and fraud. This led to the introduction of sophisticated software and hardware management practices to monitor systems continuously so that they could identify and deal with losses quickly.

While these steps helped stem the flow and were largely successful, by their very nature, they are reactive in response to incidents that have already occurred. More recent incidents, such as the Home Depot data system breach in September 2014, show that the industry needs to find proactive methods of dealing with such attacks so as to prevent their occurrence and to limit their impact.

Need for Prevention

CSPs cannot afford to be reactive. They need to adopt a proactive stance by implementing business assurance practices that mitigate risks to revenue and profitability.

They have to be continually on guard to prevent malicious attacks and security breaches. To achieve these goals, they need to implement proactive business assurance systems that continually monitor system activity and that identify and close loopholes before hackers find them.

Comparing the Benefits of the Public, Private, and Internal Clouds

Cloud choiceCorporate IT managers have many choices when considering IT infrastructure and data storage requirements: the public cloud, the private cloud, and/or in-house cloud solutions. As cloud solutions have matured, earlier reservations that some had about reliable access and data security have been reconciled, and most recognize the cloud’s many benefits, especially it’s easy access, lower costs, and flexibility.

Companies can use the cloud for the provision of software (Software as a Service), as a virtual data center, or–among other options–as a software platform to develop unique software solutions. Each cloud solutions has its distinct benefits.

The Public Cloud

Public cloud services are offered on a subscription basis. These services are invariably shared by multiple users and are usually used to provide SaaS solutions.

Some of the benefits of this approach include the following:

  • Minimal up-front expenditure that eases entry for smaller companies.
  • Flexible charges based on actual usage.
  • Scalable solutions that can be readily ramped both up and down in response to needs.
  • Minimal IT staffing requirements.
  • Provision of advanced data security management, including data backups and disaster recovery processes.

The cloud has enabled outsourcing like never before. In 2013, according to the Wall Street Journal, it was expected that outsourcing of IT services globally would amount to $483 billion.

Private Cloud

The private cloud differs in that services are not shared and are usually used by large companies as an extension of their own in-house data centers or in place of them. IT services in a private cloud are frequently outsourced but are for the exclusive use of the organization.

The main benefits of a private cloud are these:

  • Possibly, there will be no need for the purchase of expensive IT hardware. Although total costs still have to be carried by the company utilizing the private cloud, this can be on a subscription basis.
  • Companies have full control of access.
  • The private cloud is inside the corporate firewall.
  • Users provide, run, and manage their own software applications using a dedicated in-house IT team.

The real benefit of a private cloud is that organizations retain full control over their IT environment but have the benefit that the facilities are outsourced.

The Internal Cloud

The internal cloud is often also referred to as a private cloud, but in this context, it is taken to refer to a data center that is owned and run by the user. Usually, it is structured in much the same manner as a private cloud.

Benefits of the internal cloud include the following:

  • Full control of all aspects of internal cloud.
  • No reliance on outside agencies.
  • Full responsibility for security and backups.

Although the organization benefits from full control, it also carries the full cost of the infrastructure and typically has to finance the purchase of hardware and software.

Which Solution?

Each solution offers benefits but also disadvantages. The choice largely depends upon the extent to which the organization desires full control over its IT infrastructure against the greater flexibility and usually lower cost of a public cloud solution.

In many ways, the private cloud and internal cloud are very similar, but what they do offer is complete choice when it comes to software selection, control, and customization; with the public cloud, choices are more limited.