How does cloud security measure up?

Standard

In the days before “cloud”, most businesses would have their servers, data and computers all local and managed through a consultant or internal IT teams.

Today with the cloud, often the business owners cannot see, touch or ‘feel’ their computer data, hence its natural to be more cautious about security when you feel that you don’t have it in your own possession.

Which brings us to cloud security. How does it compare to the traditional methods of storing everything in a server you control in your office?

Well lets begin by identifying the challenges most businesses face when their servers and data remain within their office:

  1. Flood, fire & theft risks – all the physical aspects of data loss must be managed by the business themselves when your server is onsite in your office. During the Brisbane floods of 2011, we saw many businesses who were not using the cloud or related data centre hosting, suffer from downtime and data loss.
  2. Internet firewall security Рmost businesses do not realise that the only line of defence between a hacker entering their system is their modem router device, with its inbuilt firewall, which is often never updated. This is in comparison to a proper cloud environment, which has multiple levels of firewalls across the data centres, constant around-the-cloud monitoring, plus the defence mechanisms are kept up to date with new firewall rules updated as such become available.
  3. Backups and Disaster Recovery – by leveraging the cloud smarts, its often much quicker, cheaper and easier to take an entire business ‘snapshot’ of the data. This means in the event of a security breach, it is often possible to restore quickly to a recent snapshot to mitigate downtime and data loss.
  4. External device data control – items such as USB drives, CD’s, etc, can easily be used to copy data and export information away from your office when you have servers onsite. Whereas with cloud, it is possible to disable USB access and due to the physical limitations of not being able to physically access the server (unless a client of course asks for such), the risk of rogue employees ‘stealing data’ is heavily mitigated.

What to consider when deciding whether to keep your cloud data local or offshore?

Standard

I’m often asked if I should keep my data local and choose a cloud service provider who will keep my data local in Australia, OR should I go with an internationally hosted cloud provider (eg, Microsoft Office365 for Australia is hosted in Singapore)?

To answer this, I’ve listed some item you must consider before you decide whether overseas cloud data centres OR a local Australian based cloud data centres is best for your business:

  1. If you need physical access to your data, maybe due to the large data size or frequent changes necessary, unique access methods (health), etc, then local is your preferred choice.
  2. If you run software that is latency critical, eg, virtual desktops, video editing, CAD work, etc, then local is again preferred, as going offshore simply slows the experience, making it near unusable for your team.
  3. Do you need to upload/download large quantities of data in a short period of time? If so, then local again is your preferred choice, purely due to the data limits carriers can provide. Yet as bandwidth becomes faster and cheaper, this helps cut this barrier down.
  4. If a high level of uptime is what your business demands, then local is preferred, purely due to the maintenance windows introduced overseas, eg, their downtime scheduled at night their  time, which is often our day time. We have seen new clients with offshore cloud data come to us for help after experiencing outages for small periods of time during Australian business hours. Naturally this is not ideal and often frustrating to say the least.
  5. If you’re a government agency or a business with mandated regulatory requirements to maintain data onshore, then of course you have no choice but to remain local.

Finally, when the chips are down and you need help, make sure you can contact your service provider’s support team. Even though international providers are often cheaper and sometimes offer more capacity for a lower price, their 24/7 support offerings can be less desirable, especially when you need that immediate help. Best to align yourself with a business that matches your working hours to respond and assist when you need the help in real time.