Why Trust the Cloud? 3 Common Doubts about Cloud Security

The potential of the Cloud is evident: CEOs, CIOs and IT professionals all over the world have come on board with Cloud computing, touting its advantages over traditional solutions in both computing power, business performance and financial efficiency. The Cloud story is the epitome of technology enabling us in daily life and work – with both agility and stability, businesses can now channel resources from maintaining IT systems and infrastructure to other functions that drive business performance, such as innovation or research.

Singapore has become one of Asia-Pacific’s most prolific Cloud adopters. Key national initiatives such as IDA’s ambitious Smart Nation is expected to be built on Cloud. Being a country particularly susceptible to changes in global markets, 41% of businesses in Singapore believe that the usage of cloud solutions has helped them with internationalization. Cloud solutions have also led to an increase of 12,000 jobs in the market, and the market is expected to grow to about S$1.4 billion by 2017. Despite these impressive statistics on the growth of Cloud in Singapore, many businesses hesitate in transiting to the Cloud. Misgivings about security are often cited as a common reason for the reluctance to move to the Cloud.

Not Without Cause
Cloud solutions can admittedly be a leap of faith for companies that have relied on traditional computing for a long time. There is a certain reassurance to having a physical machine in sight, to knowing that your data is always backed up in your machine, and that it is protected from hacking or attempts to “pull the plug”. However, as technology advances, traditional computing can no longer provide the power needed to drive business performance with agility and speed. Maintenance of IT infrastructure on-premise has also proved to incur additional costs for hardware, maintenance and labour. Cloud could be the tipping point of business performance – yet so many are missing out on its potential.

Safe in the Cloud
Where’s My Data?
A great deal of assurance that comes with having your servers on-premise is being able to see them. This, however, entails comprehensive maintenance. Computing equipment is susceptible to heat, dust and humidity, so most server rooms in Cloud data centres have specialized up-flow or down-flow air-conditioning that control humidity, temperature and dust (through particle filtration). To achieve efficiencies of scale on such maintenance costs, there should be something along the lines of 500 server racks (micro data centre) or 10,000 racks (typical data centre). Less than that, the amount of resources consumed just to maintain the servers far outweigh computing performance.

Data centres also have features such as fireproofing which can be hard to implement in normal office settings. A common method of fireproofing is using inert gases to suppress and bring the fire under control without endangering other machines or personnel in the compound. Futureproofing is another measured commonly deployed in data centres to help them scale their power and cooling setups as more servers are added. Redundancy can also spare you the unnecessary hassle of keeping spare equipment lying around in the office just in case of failover – additionally, rather than merely hardware redundancy, you would not need to worry about the provisioning of failover power and cooling systems as well.

Data residency is a key concern for businessowners, and whilst it is challenging for self-provisioning Cloud service providers such as Amazon Web Services (AWS) to give businesses visibility as their data centres are in various regions around the world, a local or specialized Cloud Service Provider might be able to provide more transparency.

What Do I Do During Downtime?
Most Cloud service providers guarantee at least 99% uptime in a service level agreement – but downtime does occur, as with any technology. If and when it does occur, the foremost priority would be ensuring that your business can continue operating. The two main concerns are often loss of data and disruptions to service.

Loss of data can be easily avoided by properly backing up and replicating your data. Data replication can be customized according to your budget and your requirements – for example, urgent information can be backed up simultaneously (full back-up), and run-of-the-mill archiving can be backed up once every 24 hours (incremental back-up). The flexibility of choosing between backing up to disk or tape, as well as configuring a suitable retention period for your data ranging from 14 days to years make data backup a simple insurance against the unexpected. With data replication, your data is copied and stored in a separate server to ensure business continuity even in the event of downtime. During restoration, multiple types of restore will allow you to pick one that is most suited for your systems, such as VM-level restore, file-level restore and application-aware restores – it’s security that is seamless and fuss-free.

Another aspect of business continuity would be disruption to service. The facilities that you should look for, especially if your processes are time-critical, are what we call WAR (Work Area Recovery) centres and Command Centres – places with an office-like setup that will be immediately ready for use in times of crisis. Desks, telephones and security systems would have been built into these facilities, so you can be assured of minimal disruption to operations knowing that there are measures in place that you can deploy quickly and reliably.

Of course, prevention is always better than cure, and high security as well as quality maintenance should be a given for any Cloud service providers. Having security surveillance on your equipment 24/7 as well as dedicated experts maintaining system health at all times would be the best insurance against any form of threat.

How Are My Machines Protected?
Threats to security for Cloud service providers can generally be categorized into three broad groups: physical, network and software. As Cloud services, especially commercial cloud, usually runs on a shared economy model, these are risks that service providers rush to eliminate.

Physical threats encompass everything that could happen to a server. For example, in a typical office environment, the machine could overheat, or someone could trip over and end up yanking out some wires. To prevent this, Cloud solutions come with a variety of different added security levels – for example, the dedicated private cloud will ensure that your machines are kept in a cage to prevent others from tampering with them.

Network security can be fortified with the use of firewalls. Two-tier and three-tier firewalls, as well as secure IP security VPN access, are the first line of defence. Strengthened by zone security with private WLANs, portswitching, profiles ACLS as well as site to site VPN access for distributed architecture, holistic network security measures will be the most fundamental safeguard for your data.

The final defense comes in software security. Antivirus is a critical armament for your software – an option would be to work with Cloud service providers using antivirus softwares that provide a single, integrated platform to reduce IT management and operational costs, simultaneously improved visibility into the security and compliance of the client systems with its unified infrastructure.

A last measure for security would be monitoring tools that help you to monitor your VMs in various aspects such as availability, CPU, RAM, HDD resources and performance. Critical VM alerts for issues like memory ballooning, datastore latency, phantom snapshot files and high CPU utilization should be readily available so that you have as much visibility over your systems as you need.

Peace of Mind
Cloud security is a field that continues to grow and advance as Cloud computing begins to garner attention from governments, corporations and even institutes of health and education. With its potential to power business performance and maximize resources, Cloud is slated to be the norm of future computing, and Cloud security will be the cornerstone of this growth. The Cloud will continue to be an ever-evolving technology, with rapid advancements in security. There is every reason to make the transit into Cloud with ease.

What other security concerns do you have? Are you ready to tap on the massive potential of Cloud yet?

Nothing is better than trying it out yourself. Acclivis Technologies & Solutions, parent company of Pacific Internet, is offering limited trials for Commercial Cloud. Get in touch with an account manager and claim a one-month trial of Commercial Cloud on us!





we have a problem!

Our site uses cookies to make it work and to help us give you the best possible user experience. By using our site, you agree to our use of cookies.

x Logo: Shield Security
This Site Is Protected By
Shield Security