C+S February 2020 Vol. 6 Issue 2 (web)

3 Reasons Cloud Hosted Systems are More Secure Than You Think Dismantling the Myth of Cloud Vulnerability

A common misconception in the IT industry is that traditional on-premise systems are inherently more secure than those hosted in the cloud. There are many benefits of cloud hosting, like eliminating the time and effort associated with infrastructure maintenance while also providing enhanced security to your organization. In this piece, I’ll focus on the security aspect to relieve any concerns organizations may have about updating to a modern cloud-hosted system. While some of what I’ll cover here is specific to how my organization Infotech provides hosting services, the vast majority are standard across the industry. Before we delve into standard cloud security practices, let’s talk a little about the perception that on-premise systems provide greater security. It’s understandable; it’s a system your organization controls, and control gives the illusion of security. There’s a sense of safety behind your organization’s firewall, but security at the perimeter does not protect against internal threats. Whether that means a deceptive email that shouldn’t be opened, a disgruntled employee, or a vulnerability created by lack of updates, there are plenty of opportunities to wreak havoc from within. So, what are some standard cloud security practices that make cloud hosting more secure? Reason #1: Constant Vigilance A good comparison to the cloud hosting industry is the autonomous vehicle industry. Both are relatively new tech- nologies that are subject to heightened visibility in the public eye. In the same way a self-driving car accident sets back the entire industry, a large-scale security breach of a cloud hosting service could cause major damage to how the technology is perceived. Additionally, the security of cloud-hosted systems is inherently questioned rather than inherently trusted like it typically is for on-premise systems. For these reasons, security is always part of the conversa- tion and a top priority for cloud-hosted systems - which leads us to the next point. Reason #2: Hosting Provider Accountability and Expertise With cloud-hosted systems, security accountability and expertise responsibilities are transferred offsite. Keep in mind that your on-premise IT infrastructure is only as strong as your own IT professionals. Joe in IT is really great, but if he gets the flu and crucial updates don’t get applied as a result, that could spell disaster for your important data. With cloud hosting, you’re utilizing a team of professionals dedicated to protecting your information at all costs through your hosting services provider. You’re also protected by public cloud providers like Amazon Web Services that have top-notch physical security and network security including many built-in features such as mechanisms to prevent Distributed Denial-of-Service (DDoS) attacks. The Scale of AWS: • ~2 million servers worldwide • 51% of the cloud-hosting market • Active in 190 countries • 1 million+ customers as of 2016 • A peak of 12.9m requests per second in 2017 Reason #3: Limited Exposure and Access As I mentioned earlier, on-premise systems are typically highly focused on ingress and egress points to protect from external attacks. That leaves systems open to internal issues. It’s like the human body; it doesn’t matter how thick your skin is, if someone at the heart of your organization clicks a link or opens an email they shouldn’t, everything can fall into chaos. The security philosophy in cloud-hosted systems is usually more holistic than on-premise; access to internal systems even from other internal systems is highly restricted.

38

csengineermag.com february 2020

Made with FlippingBook Annual report