Manufacturing businesses tend to have a plethora of systems and technologies within their IT estates. They often need to clear out all this legacy mess, and the cloud is generally the ideal journey to take to achieve this, especially as it doesn’t require any big bang manners, unlike the upgrades of previous years. 

Yet, considering the fast pace of change we’re currently experiencing, manufacturers need to ensure that their IT environments have built in flexibility to allow them to scale up and out of the environment with ease. Whilst this sounds simple in theory, the scale-out part is critical. 

This ability to scale-out is particularly relevant now, as there is widespread focus on infrastructure, system rationalisation and simplification, and it’s essential to facilitate and support various 'digital transformation' projects. In fact, businesses can only move quickly and take advantage of opportunities – and outpace threats – when their base platform/infrastructure is simple and importantly, when they are not locking up valuable capital or getting locked into restrictive contracts. 

Manufacturers should be wary of putting everything into one platform

Many manufacturing organisations believe that it’s necessary to put all their ‘eggs into one basket’ in relation to the cloud. In the current landscape however, some form of hybrid public-private cloud infrastructure will often deliver the best value and balance between performance, flexibility, security and cost. This is especially true when looking at Computer-Aided Design (CAD) where working on files at a local site is still generally more cost-effective than doing so from the cloud. Of course, it’s also still possible to replicate design files to the cloud to ensure they are protected from any local failures.

Reviewing business continuity is more important than ever

When looking at the cloud, reviewing business continuity is also crucial, particularly as many manufacturers have not given business continuity much focus since the start of the Covid-19 pandemic. 

The risks of a significant system outage, or a complete cloud outage is a reality – especially with the accelerated rise of the cybercrime industry, and now the increasing risk of widespread state sponsored attacks. As such, even if an organisation thinks it is secure enough and doesn’t have availability concerns, it should still be carrying out due diligence across the supply chain, from both a technology and communications perspective.

Manufacturers must evaluate their supply chain’s protection against ransomware

Ransomware is now a huge threat to the corporate network, but when it comes to cloud platforms, the rise of DDoS ransom attacks and ransomware is a particularly big threat. Not only are these types of attacks easy to do, but they are growing exponentially as they move from protest style strikes to a revenue generating attack. As such, it’s critical that manufacturers are evaluating their supply chain’s protection from ransom-focused attacks, as well as their own.

The general increase of the cybercrime industry means that manufacturers of all sizes should be overlaying security governance onto their cloud partners. Many IT and business leaders believe that as they outsource their infrastructure or service, they are outsourcing accountability for risk and its management. 

However, firms must remember that they simply can’t outsource ultimate accountability for risk to a third party. After all, it won’t wash with clients or regulators if there is a breach. Ultimately, manufacturing businesses must be verifying the security governance within their supply chain, and also testing it where appropriate.

Continuous verification of all users is a must

In terms of a specific focus on technologies and trends when looking at the cloud, Zero Trust Network Access solutions should be assessed and generally deployed to protect the ‘road warriors’, home workers and the cloud platforms and applications. There is a real need for continuous verification of all users and their devices as they access corporate data and applications as required. Implementing zero trust access includes requiring strong authentication capabilities, powerful network access control tools, and pervasive application access policies. 

Pay close attention to cloud provider costs

Cloud providers are still notorious for getting customers to sign contracts at one price, only for those prices to spiral quickly once a customer is up and running. It’s critical that the migration journey to the cloud and user acceptance testing process is rigid, with failback options – as performance and cost in the cloud are intrinsically linked. 

Cloud-based structures are quickly becoming key to the future of manufacturing, and with some simple, yet crucial considerations around costs, processes and security, organisations have a lot to gain from accessing things like computer power, data and storage on an as-needed basis through the cloud. 

Byline written by Robert Rutherford, QuoStar