Databank’s Mark Houpt explores the benefits of working with a specialized data center cloud provider, including performance, security options, and support for compliance.
Commonality of Commodity Cloud
Moving to the cloud is a tale as old as time—tech time, that is. Cloud computing spending is expected to grow at better than 6x the rate of IT spending through 2020 (IDC). Obviously, businesses are moving IT infrastructure into the cloud increasingly, typically to reap one or more of the following benefits:
- Storage and backup options
- Resiliency, thanks to the elimination of hardware
- Cost effectiveness
In many cases, enterprises are opting for commodity cloud providers: the Amazon, Microsoft, and Googles of the world. Under certain circumstances, these types of clouds are a great option. If flexibility and strong service levels aren’t of particular importance, commodity clouds are worth evaluating.
On the contrary, if you’re looking to take advantage of the cloud and get the most out of what it has to offer, going the perceived cheap route isn’t always advisable. If you’re looking for performance, security options, and support for compliance, consider working with a specialized data center cloud partner. When you have specific requirements for your computing environment but rely on a commodity cloud, it’s probable you’ll end up paying more in the long run, anyway.
How to Do Cloud When Security is a Priority
The security environment of today is a virulent one, and the landscape will only become more risk laden. Malware is on the rise and extending into mobile devices. Identify theft has come to be commonplace. Costs of data breaches are rising. In a perfect world, security would be a priority for all organizations; some, however, deal with more sensitive data and greater compliance demands than others. If this is the case for you, there are a few reasons why leaning on a specialized cloud provider as part of an integrated data center offering may be your better option.
First off, specialized cloud partners are going to put a lot of effort into securing your cloud from the get-go; security is typically going to be inherent in their infrastructure. They’re likely going to offer more than just firewalls, monitoring, and generalized threat protection.
If you’re looking for performance, security options, and support for compliance, consider working with a specialized data center cloud partner.
Second, they’ll take the time to get to know your systems and environment inside and out in order to determine the best approach to security. Comprehensive managed services can be rolled into your cloud, whereas with a commoditized budget cloud, these responsibilities are going to fall onto your IT team.
A premium cloud service may be higher in cost initially, but it won’t come close to comparing to the costs of a breach or outage as a result of a security incident. If security is a priority within your organization, then you’re going to want a cloud with defense-in-depth security, period.
What Other Security Protocols Should You Look For?
- A Cloud-as-a-Service provider who has scalable, secure computing infrastructure built with a multi-tenant environment.
- Internal and external DDoS mitigation in an automated system that detects attacks in real time.
- “Oversized” network infrastructure, to allow for massive bursts in traffic – either malicious or legitimate. IP reputation filtering, allowing for external and internal sourced intelligence data to block known bad actors.
- IDS/IPS focused security, keeping watch on every single packet coming into and out of our network. This will reveal patterns of bad behavior and automatically stop attacks launched at your infrastructure and applications.
- All traffic is routed through dedicated firewalls, whether physical or virtualized.
- Host-based intrusion prevention and antivirus look for executables that appear malicious on servers themselves.
- As a last line of defense, a specialized cloud provider should be able to provide logs, maintained and reviewed for anomalies and other events that may have gotten through the many layers of defense.
A Word About Compliance
Compliance is a concern when it comes to commodity clouds, too. You’re not going to get support for your compliance requirements such as audits and audit responses, nor will they cover a significant percentage of controls. Consider HIPAA or SSAE18 compliance as an example. In a commoditized cloud they are rigid and inflexible towards auditors and auditing requirements. You get what you get. Auditors are not permitted to review or conduct a walkthrough of the data center. It’s advisable to look for cloud offerings that welcome customer auditors and provide audit support. A clear delineation between compliance responsibilities of the cloud provider versus the customer, is also key.
Commodity clouds have their own functional applications and can be a great fit for certain use cases. It’s not that they’re inherently less secure; it’s that the responsibilities of security will be yours to manage, which can become a risk if you don’t have the necessary internal resources or skillset. If security and compliance is a primary concern within your organization, prioritize protecting your business over budget and think of working with a cloud partner as an investment rather than an expense. The consequences of cutting corners on security are far more costly than opting for a cloud of higher quality.
Mark Houpt is the CISO for DataBank, which offers enterprise-class data center, cloud, and connectivity services.