A Bed in the Cloud
At a recent technology conference, I overheard a couple of people talking about how they couldn’t get comfortable with trusting the Cloud. One of them said that trusting your data to the Cloud would be like setting your newborn baby on top of a fluffy cumulus cloud for a nap: it might look like a good idea at the time, but it’s not a smart decision.
The metaphor was interesting, but one I struggled with given the security available with Cloud technology. While the occasional stories about health service companies having data held ransom, financial services data being hacked, or entire Cloud providers going down altogether are troubling, these security breaches are largely preventable. To help ensure you find comfort in the Cloud for your business, keep the following security issues in mind.
Safety Measures for the Cloud
From the IaaS side, Cloud providers start you on the strongest foundation possible. For example, public and bare-metal cloud servers provide clients with a virtual LAN to separate their space from other assets. These VLANs act like a moat for a frontline defense against security breaches, although like any good defense you must have multiple strategies in place. In addition to the VLAN, cloud customers can consider firewalls, patch management, data encryption and intrusion detection/prevention.
The great thing about firewalls in Cloud environments is that most providers offer firewall services, and they can be applied at various levels. This flexibility allows you to choose the safest solution based on your individual needs: you can set them up at the server level or have web application firewalls, providing additional security at whatever level your company needs it most. While shopping around, make sure to ask what firewall options a Cloud provider offers.
Of course, a moat and a firewall still might not be enough protection, so you may go further and include patch management to ensure that all of your existing defenses stay at 100%. Many hacks exploit known weaknesses that just take too much manpower to keep updated, so delegating patch management to a third party allows your IT team to be more vigilant elsewhere. Ask your Cloud provider what services they offer to help keep your Cloud resources running with the most recent patches and updates.
Similarly, intrusion detection and prevention can further strengthen your defense, allowing you to get ahead of efforts to infiltrate your data. Data encryption, while often client-initiated, can also serve to keep prying eyes away from your data. Employing these services in addition to those above should provide your baby with a safe, comfortable surface!
Keep Your Baby Safe
The man I overheard at the conference was correct about one thing, at least: your data is your baby. You certainly need to make sure your baby stays safe, and one of the biggest factors in ensuring your data or transactions will be secure with a specific Cloud provider comes in the form of clear communication. Know what options your provider has available so that you can supplement your own interventions if necessary:
- Does your provider offer firewall services? If so, is it at the server or application level?
- Do they offer patch management to keep you up-to-date?
- Do they have any programs to detect or prevent intruders?
Answering these questions takes you one step closer to being secure on the Cloud. To help you get comfortable understanding which cloud solution makes most sense for your business, click here or contact INAP to see how we work to keep you and your data safe!