IT: To Cloud, or Not To Cloud

The growth in popularity of web-based applications like social networking sites and even cloud computing software like Google Docs has raised more and more questions concerning security requirements. Particularly when it comes to the use of virtual and cloud environments for sensitive data hosting, rather than use of local data centres – does data protection now demand a new approach?

Data protection schemes should always pursue pre-emptive tactics. In fact, nowadays it’s an essential requirement for security control systems to reveal and prevent hacking attempts in real time – otherwise damage of data, information leakage or loss of data integrity might be unrecoverable where a company primarily does its business over the internet.

What security issues will you face?

There’s always a danger of unauthorised data access (which could involve unauthorised access to the data, modification or even deletion) if you’re using a hosted application where you can’t control your hosting media. The major difference between the old approach (using your own local data-centres) and new approach (in the cloud) is that you have to put in extra ‘smart’ protection and detection mechanisms, such as:

* Logic in your system that will watch for massive data changes
* Logic that watches for unusual mass data retrieval
* Geo-checks for an authenticated user (for example, if the user is assigned to your Bristol branch and has no roaming option activated, but their IP tracks back to London)

Make sure your system will (semi-)automatically block suspicious users and notify your system administrators. Having the system in your own data centre allows you to implement physical control of data access, checking smartcard IDs, fingerprints and even retina scans, so user authenticity is trustworthy. With a hosted application all you can do is ensure that you run as many logical checks as possible and, if something goes wrong, you detect the problem at an early stage.

Hosted software solutions

More and more companies are taking the decision to migrate customer management and basic planning systems from their own data centres to leased web platforms. These offer web-based access to corporate databases and management applications. Usually, they take the benefits of cloud structures and, while a cloud structure has a long list of benefits, (there should be a good reason why more and more companies are moving data out of their data centres) there are still disadvantages.

The major disadvantage is (even if it surprises you) the same as its major advantage: ‘Software as a Service’ means that every single client uses exactly the same set of software applications which incorporate the same logical principals, procedures and algorithms. In a word, they’re generic. They offer the same ideas to different clients: every client uses the same authorization schemes, data integrity checks, credential validations, etc.

For some companies, these solutions are way ahead, more useful, flexible and secure in comparison with the old software they used in local data centres. For other companies with specific security requirements, these ‘generic’ ideas are not enough to offer sufficient levels of access protection and they can’t deal with the security risks. In which case, SaaS will definitely restrict you in how you can organize data access authorization, which is something you can’t control.

What’s next?

There are lots of pros and cons when choosing the right way for your company’s IT infrastructure development, you just need to summarize them and choose the right one:

* Define the weak and strong sides of using your own data centre and compare it against the same set of criteria for a virtual/cloud hosted system.
* Define security risks you have in your data centre and compare them against the security threats for a hosted platform.
* Based on the previous list, make two lists: ‘Absolutely required’ and ‘Wish list’ for your security requirements; find a platform provider that will perfectly fit your needs.

Source

• Author
• Recent Posts

Brian

Managing Partner at meshIP, LLC

Brian Byrne is the founder and Managing Partner of Dallas based meshIP, a technology services firm offering cloud computing strategies and services. He is an accomplished executive with senior management experience in all facets of the technology, telecom, cloud computing, and SaaS industries. He has proven success in developing, financing and executing strategic plans as well as launching new ventures. His background includes a record of significant achievement in international business development and his credentials include a MBA in Marketing and Management Strategy from the J.L. Kellogg Graduate School of Management at Northwestern University, a MS from the School of Computer Science at DePaul University, and a BBA in Finance from the University of Notre Dame.

He is also the inventor of the patented meshDETECT, Secure Prison Cell Phone Solutions.

LinkedIn Profile

Latest posts by Brian (see all)

• The Customer Edge Drives the Need for NaaS - June 25, 2023
• Blockchain Evolves And Secures - January 13, 2019
• Bessemer Ventures’ 2018 Cloud Computing Trends - February 25, 2018