Cloud Hosting

Historically, enterprises have been reluctant to migrate applications and data to the cloud due to security concerns. Executives are most worried about exposing their communications. However, when I asked these same executives where they store their sensitive emails, texts, and direct messages, the answer was almost universally "in the cloud."

In fact,moving your data to a reputable cloud hosting service such as Amazon Web Services or Microsoft Azureprovides a level of security that can't be duplicated on site. That's because most organizations simply don't have the financial or staffing resources to provide the same security benefits aslarge cloud services providers can.

Here are the other ways that cloud-based data storage solutions provide better security than those housed on premises.

When you move to the cloud, data is stored in multiple data centers that are geo-independent, with redundancy implemented throughout the system. Your data doesn't just get copied to one data center;it gets distributed to multiple data centersso if onegoes down, your data will fail over to another automatically.

Large cloud providers also protect availability through virtualization. When servers are virtualized in the cloud, providers can easily migrate the servers from one data center to another if a failureoccurs. Most on-premises systems may just have two physical servers that fail over to one another. That isn't helpful if theres a fire or a large network outage.

It takes a lot of time and money to prevent physical theft. To completely protect your on-premises servers, you need to implement heavy security, with guards, mantraps, and locked cages for the servers.

In the cloud, youreffort and expensefor all that go away. Cloud providers spend the money for round-the-clock guards and state-of-the-art physical security controls. The size and security of these data centers make targeted physical theft almost impossible.

Patching is one of the biggest security issues that companies of all sizes struggle with until they move to the cloud. In fact, some of the biggest breachesthink Equifax and the WannaCry outbreakwere a result of poor patching.

Unlike most companies, the big cloud services providers such as Microsoft, Amazon, and Google have the resources to hire full-time teams dedicated to patching their products. The patching process in the cloud is mostly automated, which eliminates the downtime that on-premises patching requires.

To properly watch data center security, you need to hire 24/7 staff to continuously monitor for attacks. Most organizations simply can't afford that. Cloud providers havefull-time staffing and around-the-clock security operations center (SOC)that constantly monitors their entire infrastructure.

A huge security advantage the cloud has over on-premises servers and infrastructure is segmentation from user workstations. The most common way attackers get into networks is through phishing and email-borne threats. The attacks almost always enter through user workstations. They rarely come directly through the server environment.

When you're hosted in the cloud, all of your workstations are completely segmented. In the cloud, users aren't sitting on the corporate network where the data lives.

Encryption can be difficult for companies to implement across the entire environment, but cloud providers usually offer encryption right out of the box. Encryption helps prevent data exposure, because the big cloud providers use military-grade AES 256 encryption so attackers won't be able to read any data they might steal.

There are certainly benefits that come withcloud data storage, but there are challenges to be aware of also. These include the following.

[ Get up to speed on new privacy laws with this Webcast: Californias own GDPR? Its not alone.Plus: Go deeper withTechBeacon's guide to GDPR and CCPA. ]

Although the cloud is solidly secure, companies must do their due diligence to create and maintain a secure environment for their sensitive data. Here are the best ways to proactively protect your server data in the cloud:

Enable multifactor authentication

Provide your own encryption keys

Limit access by IP address (i.e., office or VPN)

Choose a reputable, audited cloud provider

If you do all thatand remember your shared responsibility security model, your cloud vendors can help you remain vigilant.

Share your thoughts on cloud security in the comments below. What are your experiences?

[ Explore TechBeacon's guideto SecOpschallenges and opportunities. Plus: Downloadthe 2019 State of Security Operations report. ]

[ Get on top of access with TechBeacon's guide to identity governance. Plus: Learn how to secure and manage cloud-based Linux resources with Active Directory in this Webinar.]

Read the original:
Why your data is safer in the cloud than on premises - TechBeacon