From Tree Fort To Fort Knox: 5 Reasons to move to the Cloud
Cloud-based computing is often more secure than on-premise computing for businesses. It's like elevating your security from a humble, DIY tree fort to the sophistication of Fort Knox. Take a look at this whitepaper to learn 5 ways in which cloud tops on-premise security.
Get the downloadBelow is an excerpt of "From Tree Fort To Fort Knox: 5 Reasons to move to the Cloud". To get your free download, and unlimited access to the whole of bizibl.com, simply log in or join free. |
Stronger protection
It’s easy to succumb to the illusion that onpremise software is more secure because it’s housed where managers can see it, but that can be a costly misconception. Data security breaches resulting from unauthorized physical access to a cloud host’s data center are incredibly rare, and focusing too much energy on their prevention can cause companies to lose sight of bigger issues. The overwhelming majority of documented attacks on data security come through electronic means, some from hackers on the open Internet, some from competitors, many from careless employees. In fact, most security breaches come from within a company’s own firewalls, often originating from employees who either accidentally or maliciously open up hacker gateways into the corporate environment. With a cloud solution, there are no employee “desktops” to worry about.
Top-tier cloud infrastructure vendors need to maintain verifiable security at the highest level of customer need. So, many of them hold ISO 27001 certifications, meet US Federal government and Department of Defense security standards like the Federal Risk and Authorization Management Program (FedRAMP), and have been validated by groups like the Payment Card Industry Security Standards Council. Each certification involves substantial expense, a lengthy initial application process, and ongoing annual audits. Because the security standards available to any of a cloud vendor’s customers are normally available to all of its customers, cloud customers get the benefit of fully certified security without the expense and difficulty of personally getting certified.
The bottom line is that leading cloud providers have made massive investments in the most advanced security tools and procedures available, and companies that choose cloud deployment can benefit from a far more sophisticated level of protection than they would be able to implement on their own.
It’s telling that the world’s most security-obsessed organization, the US Central Intelligence Agency (CIA), just issued a $600 million contract for cloud services with Amazon Web Services (AWS). The agency rarely reveals what drives its security priorities; but from that evidence, one can conclude that cloud technology satisfies the highest possible security demands.
Advanced security framework
Complete security begins with a user’s first login to an application, and compromised user logins are a leading source of data breaches. Although individual misconduct will always pose a risk, it’s essential to have safeguards at the application level to head off unauthorized access and document all attempts to breach application security through fake or stolen credentials. At the cloud infrastructure level, the essential security framework that covers one customer scales up to cover everyone. The benefit to using a top-tier cloud infrastructure vendor is that the money and framework can be applied broadly enough to give everyone the highest practical level of security, along with consistent enforcement of security standards throughout the environment.
3. Immediate response to emerging threats
New types of security threats arise every day, and on-premise solutions are no more immune to those threats than cloud solutions. Yet a cloud provider that hosts hundreds of customers can rapidly deploy a fully tested response to all customers at once, providing customers with rapid, timely protection from emerging threats that they’d never be able to manage feasibly on their own. Most significantly, this superior coverage costs less than developing, testing, and deploying their own countermeasures.
Given the increasing frequency of cyber attacks, the value of rapid response can’t be underestimated. A recent study showed that the average business suffers at least one successful cyber-attack per week, and that each successful attack takes an average of 32 days to resolve at a cost of more than $1 million. By delegating responsibility for cyber attack response to full-time specialists at a cloud vendor, organizations can spare themselves a major source of cost and distraction.
4. Continuous, predictive monitoring
A private customer needs to add specialized tools and paid staff to monitor the integrity and availability of system operations and the confidentiality of the data within it. Again, those functions are carried out continuously at a top-tier cloud vendor and essential tools for logging and monitoring are part of the supplied infrastructure.
“End users benefited from fewer service disruptions and quicker recovery, reducing downtime by 72% and saving nearly $32,600 per application per year.”
An IDC study of companies using cloud services showed that the benefits of the vendor’s scale and size led to significantly fewer disruptions and lower costs. In discussing Amazon Web Services™, IDC said: “End users benefited from fewer service disruptions and quicker recovery, reducing downtime by 72% and saving nearly $32,600 per application per year.”
In a world where the most effective cloud applications are often virtualized instances of proven on-premise enterprise software, the application architecture must be engineered to work seamlessly with the cloud’s security platform. To do this, the application vendor and the cloud infrastructure vendor must maintain compatible, complementary standards for login credentials, authentication, and data encryption. This prevents gaps that can undermine the integrity and security of the application. The more frequently the application vendor and the cloud vendor have worked together, the less likely it is that there will be gaps.
The opportunity of shared security is compelling. It’s the power of cloud-based solutions that makes Fort Knox level security available to the “average” business. It’s the very essence of economies of scale come to life to deliver collective protection. Given the increasingly insecure world that poses threats to companies big and small, the reality is that no company can afford to operate in the security equivalent of a tree fort. The good news is that now they don’t have to—Fort Knox level security is readily available via enterprise cloud solutions.
5. Network reliability
If despite all the precautions and safeguards, something happens to go wrong, it’s vital to minimize the disruption to the business. Downtime means loss of productivity, loss of revenue, and possibly loss of customers. That’s where redundancy comes into play.
It goes without saying that a top-tier cloud host with a global footprint can build far more extensive redundancy, scalability, reliability, and external protection than any individual customer can. A world-class data center offers the advantages of backup power and multiple connections to the Internet backbone. But more importantly, a leading infrastructure vendor can distribute images of any application instance among many geographically separate centers to ensure continuous operation even through natural disasters that span multiple regions or continents through what’s called high availability (HA) architecture.
Consider the cost of building a private HA data center. At minimum, that would require at least two of everything—dual routers, dual switches, dual load balancers, two application servers, two database machines, two network connections, separate power drops, and separate RAID storage. Ideally, all of these components should be in separate locations to minimize the risk of outage from localized hazards such as fires, floods, or hurricanes.
Compare that with what’s required to create HA architecture in an entirely redundant instance with a top-tier cloud vendor: Make a choice from a drop-down menu. There’s just no comparison in terms of cost, complexity, or risk.
[Download PDF for charts]
Want more like this?
Want more like this?
Insight delivered to your inbox
Keep up to date with our free email. Hand picked whitepapers and posts from our blog, as well as exclusive videos and webinar invitations keep our Users one step ahead.
By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy
By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy