Those of us who work on cloud platforms have been fighting a long, defensive battle against the entrenched interests of legacy, on-premise software. In one sense, it’s understandable that many organizations are reluctant to give up their local software installations. No one wants to admit that their investment in hardware, software, staff, and training is obsolete. But if an organization is serious about protecting client data, it makes no sense to stick with local software installations that are inherently less secure, more complicated, more expensive, and much harder to maintain than cloud-based software. The reality is that data kept on-premise is a headache and security risk that organizations no longer need to face.
Security Should Not Be Your Problem
This month, we’ve focused our discussions on data security, looking at the advantages in physical security, firewalls, and authentication a cloud computing environment can offer. The bottom line is that a hosted software solution, managed and run by dedicated security and IT professionals, can offer levels of security no IT staff can offer in-house. To illustrate, the chart below compares the security found in the Amazon Web Services data center, versus what a typical local network provides.
As Nextpoint Vice President of Research and Development Ben Wolf pointed out in a recent post, cloud service providers have resources no in-house IT staff can ever hope to match. Today’s threat environment is more complex than ever, meaning in-house IT staff need to deploy and maintain a firewall, intrusion prevention system, a Virtual Private Network for remote access, anti-virus/anti-malware gateway software, plus separate appliances for email security. In addition, many corporate clients insist that partners meet data security or regulatory standards (such as the Health Insurance Portability and Accountability Act (HIPAA)) before sharing sensitive data.
A network hosted on-premise can afford very little in the way of network security beyond what can be found in an off-the-shelf network appliance. Even more problematic, on-premise systems offer nothing in the way of physical security or environmental controls beyond what is found in a typical office building. The fact is, many local networks are managed from a supply closet or back room that anyone with access to an office can enter.
Organizations that rely on local, on-premise solutions often have to fall back on unsecured or even archaic mechanisms to move and share data, including mailing data on disks. And depending on the size of an organization, on-premise networks lack redundant storage and backup; if a disaster strikes, data is likely lost forever. The largest and most reputable cloud providers often have redundant data centers dispersed across the country, or even the planet.
The Illusion of Control
The use of the term “the cloud” is probably unfortunate. It implies a nebulousness and impermanence that just isn’t accurate. We are talking about real facilities with real IT professionals working to protect their systems. In no sense does anyone hand over their data to a cloud service provider; major cloud computing providers don’t want to know anything about your data. They just want to host it and make it available. You control the data, you control who accesses it and how they access it.
In theory, on-site software installations offer more control and easier management. But the reality is that local software is still dependent on updates and fixes sent from the software provider. That just means more demands and more work for in-house IT staff. In the cloud, there is no wait for new releases, and few demands are placed on IT. Best of all, if an organization makes a bad choice in software, they are not stuck with an expensive, useless solution installed on their computers that no one wants to use.
Cloud computing providers (companies like Amazon, AT&T, Microsoft, and Apple) are changing the discussion about data security and management. The question is no longer whether to entrust data to a cloud computing environment. The question is why anyone would continue to put up with the problems of an on-premise software or data storage solution for critical business data.