The following three posts explore the topic of cloud hosting and the challenges it faces in providing secure data environments for enterprise consumers. In addition, it discusses the measures taken to combat these challenges, whether they are physical risks to hosting platforms or cybercrime.
The need for secure data
It can be said that the concept of security in all aspects of computing is divided into two areas, data preservation and data control. The first of these concerns is the ability to ensure that data is not lost or corrupted, whether it is sensitive (ie private) or not. Data preservation can be essential for the effective operations of a business, for example, to be able to contact suppliers/customers or to monitor and analyze business performance (business intelligence). In many cases, regulators require companies to retain data for periods of time to provide audit trails about their activities, and where data is considered personal, confidential, or private in relation to customers, suppliers, or employees, companies also will be bound by data protection laws to maintain that data.
The second issue concerns the risk of sensitive data being viewed by those who should not have access to it. Again, data protection laws govern companies when it comes to obtaining personal data only with an individual’s permission and then ensuring they control who has access, restricting unwarranted access. In addition, however, companies will invariably want to keep their own business operations private as well to prevent competitors from gaining an advantage over them.
All IT infrastructure must cope with these security concerns, whether it is personal or enterprise-level computing, and this has been a particular challenge for cloud computing in general, including cloud-based hosting.
vulnerabilities
Ultimately, cloud computing services require networks of physical servers to create the pool of computing resources from which customers can access their computing as a service, which means that all cloud resources always have some kind of of physical location. Furthermore, cloud services rely on a point where end users can access them, often publicly available on the Internet and of course on a public network like the Internet to transfer the data used by the service. Each of these three elements of a typical public cloud service has its own vulnerabilities in terms of data preservation and protection.
Physical security
In terms of the physical infrastructure used to build a cloud service, many of the security challenges are the same as any other hosting platform. To keep data safe, providers must first keep the infrastructure safe and running, and the data centers where the cloud servers are housed go to great lengths to this end. In terms of access, they ensure that the premises themselves are protected from unauthorized personnel through the use of tools such as biometrics, security cameras, guards, and limited access to individual server farms. This not only controls the risk of intentional sabotage or physical hacking, but also the risk of accidental damage caused by an engineer affecting another organization’s servers, for example.
Additionally, servers and network infrastructures are protected from physical damage by advanced fire protection systems and environmental controls, such as temperature management. Temperature control inside data centers is one of the top expenses for a data center provider due to the large amount of heat generated by running servers. The goal of the exercise is to ensure that the servers can run at their optimal temperatures, but if left unchecked, the damage caused could take the servers offline altogether. Data centers employ techniques such as chiller units, ventilation, and water cooling to keep temperatures regulated and servers running smoothly.
Cloud servers and their networks also benefit from the overall expertise of data center providers in keeping hardware maintained and up to date, ensuring the chances of other hardware failures are reduced. As with alternative hosting solutions that locate servers in data centers, such as colocation, dedicated hosting, and VPS (virtual private servers), this experience can be accessed at a fraction of the cost that it would cost companies implement internally.
However, these physical security measures are only the first step. The second part of this post explores the efforts made to keep cloud hosting software running smoothly and prevent data from falling into the wrong hands.