While You’re in the Cloud, Can We Intrude?
Cloud computing has become a little bit like trendy fashion wear: Early adopters are aggressively moving in-house IT to “the cloud” while those with a more cautious style are taking the “hybrid” approach, keeping some data in house and moving other applications to the cloud. All indications are that cloud computing will enjoy healthy growth over the next several years, but in order to move from trendy to an enduring classic, one critical issue needs addressing: security.
In order for cloud computing to having staying power as an IT platform, businesses need to feel as secure about cloud hosting as they feel about the data housed in their IT operations on site. Specifically, when engaging the services of a cloud hosting provider, businesses need to evaluate the provider’s security and backup systems with the same level of rigorous scrutiny they apply to their in- house operations.
Businesses can apply these top five criteria to evaluating the security of their cloud-based data:
1. Can We Intrude? The right answer has to be “no.” Even the most up-to-date firewalls will not prevent intrusion. To protect your data in the cloud, it is vital to have a solid intrusion detection and prevention system (IDPS). A first rate IDPS goes beyond firewall protection and detects and blocks threats outside or above the firewall layer. It also screens out spyware and viruses at the perimeter.
2. Privacy is Paramount. As further protection against threats, a private, virtual local area network (VLAN) – situated beyond a firewall -- is absolutely essential to protecting your data. You should make sure the hosting provider you choose can guarantee they are placing your servers in isolated VLANs to prevent any cross traffic contamination.
3. Traffic in the Right Lane. Another important differentiator to look at: a well-implemented IDPS can also identify anomalies in “normal” network traffic, offering yet another level of security. It constantly scans all traffic coming to and from the network, all the way up to the application layer. Over time, it is able to spot malicious intent that a firewall would miss. This helps with protection against new malware, or “zero hour” threats.
4. Who Has Your Back? Moving data to the cloud is a big step for an enterprise. You need to feel your service provider is trustworthy and supports you 24x7. One quality control check is the SSAE (Standards for Attestation Engagements) No. 16 Type II audit, which confirms what level of service and reliability they are providing. Besides the security issues such as threat detection and VLANs, you will want to ensure the provider has trained, qualified personnel that can provide you with reliable technical support as needed.
5. Fast Restore. No Waiting. Should the worst happen, and there is a data loss, you will want your provider to have the industry’s most rigorous application-consistent backup. What this means is that your hosting service has taken point-in-time snapshots of your data, flushing all transactions to a disk, and avoiding data corruption. You get a cleaner, quicker restore, and no tape is needed! Contrast this with ‘crash-consistent’ snapshots that can miss data and take up to a day to restore, costing you expensive downtime.
Cloud computing offers tremendous potential for businesses, in scalability and flexibility, without having to invest in costly IT hardware that quickly becomes obsolete. If businesses perform due diligence on the security and backup systems that support their cloud-based IT, they can enjoy the benefits of moving to the cloud with peace of mind -- and more money in the bank.
That’s a scenario in which this cloud can chase the rain away.
Adam Stern is founder and CEO of Infinitely Virtual, a provider of virtual server cloud computing services for businesses.