Beyond cloud transformation: When security and sustainability are paramount  

With companies adopting multi-cloud strategies more and more, sustainability and security are the next imperative.  

We caught up with Thomas, the Founder, and CTO at Deployflow, to explore the ways Deployflow ensures green cloud solutions and discuss how to keep pace with security demands.  

Dive right in!  

Towards the greener future  

D: How does Deploy flow support organisations in their efforts to adopt more sustainable cloud solutions? 

Thomas: Considering sustainability as a holistic concept is of utmost importance. When it comes to organizational sustainability, leveraging a well-managed cloud system offers the advantage of efficiently provisioning and deprovisioning systems based on demand. To illustrate, in collaboration with our energy provider, we have implemented a mechanism that automatically shuts down idle systems during non-operational hours. For instance, instances are deactivated when it is anticipated that no queries or reports will be run after regular working hours. We then reactivate these systems before the start of the workday to ensure all services are available for use. 

Since we know what specific peak periods are, we can easily add or remove instances swiftly upon completion of queries. Operating in a cloud environment enables organisations to dynamically adjust resources, which contributes to sustainability, smarter data consumption, and power utilization. Our aim is to build solutions that will have a positive, long-lasting impact on the environment. 

Here, I would like to emphasize the migration of data from outdated, energy-inefficient infrastructure and servers. These older servers are known for their high-power consumption and cooling requirements. In our projects, we tend to clearly understand how changes will impact traditional infrastructure, servers, and services. It is crucial for us to design solutions intelligently, to save energy and scale down resources, when necessary, rather than simply allocating excessive power and resources to every challenge that arises. 

Deployflow’s efforts to help companies achieve sustainability through green cloud  

D: Talking about sustainability, what practices does the deploy flow implement within its own operations to achieve sustainability? 

Thomas: Our primary mode of operation is remote work. We don’t work in physical office spaces; instead, our registered offices serve mainly as meeting rooms for occasional gatherings. Our commitment to a home-first approach ensures that all team members have the necessary tools at their disposal, which significantly minimises our environmental impact. 

When it comes to our test beds and working environments, we implement guidelines to ensure responsible usage. We make sure our environments are active only during specific hours. By default, we avoid keeping systems or services running for extended period of time, unless there’s a specific requirement. We prioritise tools and services that embed sustainability considerations. 

Being a cloud-first and remote-working-focused organization, our physical footprint and reliance on traditional services are minimal. We heavily leverage cloud resources, emphasising the importance of proper configurations. Our DevOps team, responsible for development and staging environments, ensures that these environments automatically shut down when not in use. We maintain an always-on configuration only for the necessary production environment.  

Cloud security made simple  

D: Security is a top priority of organisations considering cloud services. How does Deployflow ensure the security of data and applications hosted in the cloud? 

Thomas: In our organisation, we have a longstanding commitment to deploying secure solutions, particularly when working with financial services, where security is of utmost importance. Over the years, we’ve consistently prioritised the forefront of managing and maintaining highly secure and compliant approaches to information and data management. 

As part of our efforts, we are currently in the process of obtaining ISO 27,001 certification, and we are already certified as cyber essential. While we already have best practices in place, we are actively enhancing our policies and workflows to align with industry standards more effectively. Our devices are uniformly encrypted, and we advocate for the implementation of multi-factor authentication, including support for hardware keys. 

We help our clients classify data and implement appropriate policies. For instance, within SharePoint, a component of Office 365, we help design specific policies for different types of sites. This includes internal communication-only sites and those accessible to external parties, each with tailored data-sharing permissions. 

Additionally, we guide organisations in implementing tagging policies for files. Depending on the file’s tag, organisations can control whether the information is shareable. This meticulous approach ensures that data is handled securely and in accordance with organisational policies. 

On top of this, we adopt a proactive “landing zone” approach when setting up new environments. This involves assisting organisations in establishing foundational policies at the cloud provider level, such as AWS or Azure. These policies enforce secure practices across all sub-accounts. This top-down policy enforcement helps instill a secure mindset, requiring careful consideration of access controls and exposure. All of this ultimately contributes to a robust security posture for our organisation.  

D: Regarding the security monitoring and threat detection capabilities, what monitoring tools can help organisations proactively identify and mitigate potential threats.  

Thomas: Each cloud provider offers its own set of tools, all of which need careful enablement and implementation. While some tools can be readily implemented and mitigated, others may require collaboration with internal teams. Organisations prefer to own or manage security in-house, prompting us to work closely with their internal teams. We can provide recommendations for various tools, considering the diverse offerings from different providers, but our approach is always to collaborate with the organisation to ensure alignment with their existing policies. It’s about finding the right balance between leveraging external tools and working hand in hand with internal teams to achieve comprehensive security measures.  

How can Deployflow help you triumph on your journey towards greener and secure cloud? 

Cloud technology is continuously evolving, with features and services constantly being updated and replaced. Partnering with organisations like Deployflow, who invest time in researching new technologies and understanding market trends, is invaluable. Deployflow can guide organisations in leveraging the latest tools and opportunities to achieve greater success in their cloud journey. Reach out to one of our experts to learn how we can help you on this journey. 



Published on November 27, 2023