Cloud Security Concerns
In speaking to customers over the years, we’ve noticed that one of the most common concerns about cloud computing or IaaS (Infrastructure as a Service) is the fear that transmitting your data and storing it offsite will expose you to security breaches or other risks. We should be clear: cloud computing does involve some risks. Any time you transmit or store data, there’s the chance that something will go wrong. But we believe very strongly that in comparison to other data storage options, including in-house hardware and networks, cloud computing offers the best security and ease-of-use. To explain this idea, we want to make two main points:
1) Cloud computing is as risky or as safe as the provider makes it
2) Every computing option, including in-house data storage, involves risks
We’ll go into each of these points in more detail below:
1) Reputable cloud computing providers like Atlantic.Net use advanced security measures that make it extremely unlikely that data will be lost or stolen. We’ll go into more detail in the next post, but for now we’ll just say that Atlantic.Net has been around for 16 years, and we haven’t survived that long by exposing our clients to unacceptable risk. Our clients include hospitals, hotels, defense contractors, and businesses in other demanding fields. As with any service, professionalism and expertise are critical.
2) Keeping your data in-house isn’t some kind of magic security solution.
This is an important point to remember when thinking about your data security. In-house data gets lost or stolen all the time though oftentimes these events aren’t thought of as ‘data loss’. Blackberries get dropped, files corrupted, roofs leak, servers crash and hard drives fail. A 2008 study revealed that 12,000 laptops are lost in US airports every week. And viruses, malware and malicious attacks are a constant threat. In-house data is often much more exposed than data stored in the cloud servers, and it’s often not properly backed up or encrypted either. We’ve seen it time and time again: in-house storage, particularly for small businesses, means your data is stored unencrypted on consumer hardware (rather than commercial hardware), is not backed up, and is only as physically secure as your front door lock or your fire alarm. Moving your data into the cloud means accepting some known, managed risks in order to eliminate a whole slew of risks that you may not have thought about.
State of the art measures ensure data security
There are four main facets to a comprehensive data security approach, and Atlantic.Net has years of experience implementing each of them. Put simply, you want to ensure that data can’t be intercepted during transmission, can’t be read if it is somehow obtained, is stored in a safe environment, and is backed up in case the primary storage hardware fails.
As to the first, we use industry-standard Secure Sockets Layer (SSL) encryption on all connections to protect communication between client and datacenter computers. This can be taken further to create Virtual Private Networks (VPN) which use full tunneling to make data transmissions between devices as secure as possible. SSL is a standard security technology for web-based communications; VPN offers even greater security and can be particularly useful for mobile devices and offsite workers. Over the years, Atlantic.Net deployed numerous data networks by utilizing Multiprotocol Label Switching (MPLS). MPLS has proven to provide secure point to point tunnels over the network, enabling clients to get the best of the secure connections available on the market!
If desired, any and all of your data can be stored in encrypted format using Public Key Encryption (PKE). This means that the files would be meaningless even if someone did manage to obtain them.
The third point, maintaining a secure environment, is more complicated. This kind of security means protection from both hacking and hardware malfunction. Protection from attacks requires you to be vigilant and stay up-to-date on the latest threats, which is difficult to do if you’re not a security professional. You would also need to devote considerable time and money to securing the physical environment for the storage hardware. And as to the fourth point, backup: by definition, your most recent data is probably the most useful to you at the moment, so backups also need to be continuous to be valuable.
All these steps take time and effort to do yourself, which is why many businesses don’t bother…until after their first major security breach.
In contrast, hosting your data with Atlantic.Net means you have a reliable partner with industry experience and knowledge of the latest threats. We’re constantly monitoring and upgrading our systems to ensure that your data is as safe as possible. Our physical facility itself is secure: SAS 70 Type II compliant, with concrete walls, palm scanners, keycard and eye-scan verification, and CCTV monitoring.
To conclude, we believe that storing your data in-house is much like keeping your money under the mattress…it’s fine until it’s not. Cloud computing lets you contract with a professional security resource while also saving money on your IT needs. We encourage our clients and prospective clients to learn more about the real risks and real benefits of both in-house data and cloud storage. If you have additional specific security needs, please talk to one of our sales engineers about how we could best serve you. You can always try our Cloud Server Hosting risk-free at www.atlantic.net!
Atlantic.Net also offers HIPAA compliant hosting solutions; learn more about our HIPAA Data Centers.