Until recently, many telecommunications companies, or telcos, cited data security as the cause of their hesitancy to shift their network operations and management to software-as-a-service (SaaS) models that rely on the public cloud.
However, the maturation of the public cloud and security advances mean that telcos can now overcome their historic reluctance and benefit from the cost savings and business agility that public clouds enable, while remaining as secure as on-premises deployments.
In this article, we delve into the details of how the public cloud and telecom SaaS deal with security, resilience, and compliance with regulations.
Telecom SaaS has higher demands for resilience, performance, availability and security compared to typical IT applications. Because of the critical nature of telecom infrastructure, downtime is unacceptable. To avoid downtime, telecom SaaS applications must be designed for both performance and resilience.
Philip Blanchar is Senior Director for SaaS Delivery & SRE Operations at Nokia Cloud & Network Services. Kal Krishnan is AWS Security’s Telecom Industry Specialist.
The time to start the journey is now
Telecom networks and IT networks have historically followed separate paths. While telecom networks were designed for voice traffic, IT networks were built for data transport such as web browsing and email.
However, the gradual convergence of the two in recent decades, presents an opportunity for telcos to benefit from developments in the IT field which is the emergence of the public cloud. Several industries, including privacy-sensitive ones like financial services and healthcare, have adopted the cloud to transform themselves and, as a result, have benefitted from the elasticity, scalability, cost-optimization and business agility that the cloud provides.
The same benefits are available today to the telecom industry as it builds the next generation of telecom infrastructure.
The operating model in the cloud
When operating in the public cloud, security and compliance are a shared responsibility. In general, the cloud provider is responsible for security of the cloud platform, while the consumer, or the telco, is responsible for security of the applications they operate within the cloud.
The exact division of responsibilities, however, varies depending on the type of cloud service that a telco uses. For example, infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) or software-as-a-Service (SaaS) all have differing divisions of responsibilities. To remain secure in the cloud, telcos must understand the responsibilities as it applies to their particular use of the cloud and build the organizational competencies to fulfill them.
Additionally, to fully harness the benefits of the public cloud, telcos should avoid lift-and-shift strategies, which emulate on-premises deployment models in the cloud and instead adopt cloud-native approaches.
The modern telco should focus on driving transformational change in the culture, organization and applications emphasizing speed and innovation through constant iteration. They should invest to upskill the workforce, develop a DevSecOps culture, adopt new tools like continuous integration and continuous deployment (CI/CD) pipelines, implement new governance models for the cloud, and even transform procurement departments to support new commercial operating models.
Telcos should work closely with the supply chain to modernize legacy monolithic telco nodes to cloud-native functions through use of microservices, API-based architectures that can leverage the scalability, elasticity and resilience that public clouds offer.
These are challenges that take time to overcome but are crucial not only for business success but also for meeting security objectives.
The benefits of Telco SaaS
From the perspective of a telco, SaaS models can assist telcos in addressing these challenges.
SaaS carries the least security burdens for the telco and offers the quickest path to reaping the benefits of the public cloud. When telcos use SaaS, they can leave the undifferentiated heavy-lifting of running secure, cloud-native applications to the providers, focusing their attention and investment on their core business of delivering digital services to their customers.
To achieve this outcome, the telco must trust its mission-critical business partners.
For example, public cloud providers build their infrastructure and services with a high degree of redundancy and fault-tolerance. Cloud data centers are organized into distinct regions and availability zones (AZs) which are constructed to be independent failure zones. SaaS providers work closely with cloud providers to architect their telecom applications in specific ways to take advantage of the resilience of the cloud infrastructure.
For telcos, this provides immediate access to highly-available, carrier-grade applications. Furthermore, the providers design their solutions to meet specific compliance obligations and demonstrate that they do so through independently verified third-party audit reports. This, in turn, lightens the compliance burden on telcos.
Cloud-economics allows public cloud and SaaS service providers to invest more in security than most single enterprises can on their own. The threat landscape is constantly evolving as malicious actors leverage advanced technologies like artificial intelligence to accelerate their attacks. This increased threat level creates extreme demands for not only threat prevention but also for privacy and security.
Staying current with evolving security operations and maintaining a leading-edge security capability are incredibly challenging. Public cloud and SaaS providers are ideally situated to assist as they see security data points at scale. These include, for example, different categories of threats, attack tactics, traffic flows, malicious IP addresses – the learnings from which benefit every cloud consumer. Furthermore, the high degree of automation allows them to respond in near real-time to mitigate developing threats.
Final thoughts
The capabilities of the public cloud have matured since its infancy a decade ago. Telcos no longer have to make the difficult choice between the benefits that come from cloud adoption and security. By partnering with public cloud and Telecom SaaS providers, telcos can become more agile, take advantage of the elasticity, scalability and cost optimization, all the while retain their high-security posture.
