What do new cybersecurity rules mean for the cloud, ITSM and ITAM?


Despite the many benefits of the cloud, on-premises ITSM and ITAM platforms will remain a critical piece of the cybersecurity puzzle in the years ahead.

Enterprise AI works through cloud-based SaaS or as an on-premises solution. Tim Lawes, senior manager, solutions consulting at SymphonyAI Summit, discusses how flexibility could be increasingly important as Europe, the US, and other regions implement new data protection measures.  

An American IT company recently ended the development of its on-premises solutions platform, meaning customers using it would no longer receive updates. At first blush, it’s a smart idea. Everyone is migrating to the cloud, where multi-tenant IT service management (ITSM) and IT asset management (ITAM) solutions are cheaper and easier to maintain. On-premises solutions, in contrast, are more costly and less flexible because they require more dedicated hardware that must be maintained on-site.

However, some very important clients are not on board with this trend. Despite the many benefits of the cloud, on-premises ITSM and ITAM platforms will remain a critical piece of the cybersecurity puzzle in the years ahead.

The European Union, for example, is pursuing the European Cyber Situational Awareness Platform, or ECYSAP,  which aims to develop an “intrinsically secure platform” for European defense ministries and cyber-defense agencies. On-premises ITSM is part of the plan. Similar efforts are underway in the U.S. federal government, where officials are still smarting from the hacking exposed vulnerabilities in the Pentagon, Department of Homeland Security, Treasury, and elsewhere.

Adapting to New Rules

U.S. agencies have imposed new cyber rules on banks, pipelines, rail systems, airlines, and airports in the past few months. As this continues, secure enterprise service management (ESM) – on platforms that combine ITSM and ITAM with facilities, operations, and human resources capabilities – will become an increasingly complex challenge in the education, healthcare, and manufacturing industries.

Managed service providers need to step up their game if they intend to furnish these clients with IT services and enterprise service management in general. Only the most innovative IT, enterprise and asset management solutions that can guarantee the highest levels of security will be accepted.

That said, firms offering on-premises solutions, novel licensing plans and other features are likely to thrive in the new world that these data protection rules are creating. ITSM and ESM solutions that offer AI-powered digital agents, for example, can add a high level of convenience that reflects the latest trends in user interfaces while also maintaining security – a standard that some clients can’t compromise.

In the new era of data sovereignty and data extradition, robust on-premises ESM solutions are essential because those who possess their data will have more control over it. They won’t necessarily need, for example,  to comply with foreign governments demanding access to their information. Nor will they be in a situation where a third-party (e.g., Amazon or Facebook) can give out their data in a foreign jurisdiction without their permission. These are tricky issues that involve tough legal questions. But they leave no doubt that the best enterprise service management solutions are required as partners.

Balancing Scalability and Security

Nothing is more important than scalability for ESM solutions, whether on the cloud or on-premises. While on-premises solutions are often viewed as being more restrictive, given the constraints of on-site hardware, top-of-the-line service providers are combining the security and customizability of on-site ITSM, ITAM, and other tools with the scalability one expects on the cloud.

Regardless of what sector you’re working in, COVID-19 surely put your enterprise management capabilities to the test, whether it was the sudden shift from desktop to laptop computers, securing dispersed networks as workers went remote, managing schedules to accommodate for unpredictable absences with each wave of the coronavirus, or handling the mounting challenge of onboarding and integrating new employees amid the Great Resignation.

Companies discovered that they needed more robust ITSM to handle pandemic-related work shifts as well as better ITAM to track their equipment, devices, and other assets while also controlling spending on licenses and preventing over or underbuying of hardware and software.

If your company was running on outdated or inflexible ESM platforms, the past two years have magnified those demands. The pandemic — combined with the worrying surge in cyberattacks on the private and public sector — has caused many large companies to reassess their tech stack and ESM needs and perhaps even reevaluate their current providers.

See More: Why Should Developing Vendor Cybersecurity Be a Top Priority

Growing with AI

Meanwhile, like so many tech-forward sectors, enterprise service management is only beginning to realize the potential of AI in facets from cyber-security monitoring to asset management and human resource tools. In just the past year, entire industries have been put on notice by cyber threats, creating new demand for flexible ESM solutions that ensure data remains secure while still being instantly available to those who need it, wherever they are working, with AI-powered troubleshooting tools and predictive insights.

The attack last year on JBS, one of the world’s largest international meat processors, opened the eyes of manufacturing executives across the country to the danger of ransomware. Meanwhile, cyberattacks on education institutions jumped 30 percent worldwide last year, and cyber-criminals have repeatedly targeted vulnerabilities in hospitals and healthcare organizations.

While the current focus of many policymakers in Europe and the US when it comes to platform security is directed at susceptible areas such as defense and national security, the policies and best practices being developed by government agencies and contractors will likely inform the future of ITSM, ITAM, and ESM in other public and private sectors.

Long-term Planning

When it comes to the debate between on-premises or cloud-based solutions, it will become clear that both are necessary depending on the industry and enterprise. The best managed service providers will be platform-agnostic, capable of delivering the same scalability, AI functionality and quality of service regardless of the security environment.

Executives should take a similar approach in laying out their company’s long-term vision for ESM and data security. Don’t be overly influenced by specific vendors or partners. Take stock of your needs, the expanding options on the market, and settle on a strategy and solution that marries scalability with security and a superior user experience.