For several years, the business argument to elevate platforms, apps and data to the public cloud has been characterized by the “Yes, it’s a great idea, but what about security?” narrative. Let’s start with the first part of this view, and then explain why the latter no longer applies.
Advantages of the Cloud
The advantages of the cloud are not just impressive — they are fundamentally game-changing, especially for SMBs that cannot afford to implement a traditional on-premise data center. The wins include:
- Significant Cost Savings
- Scalability and Flexibility
- Always-on Availability
- Mobile Access
- Improved User Experience
- Faster Implementation
- Enhanced Collaboration
- Improved Data Hygiene
- Better Version Control
- Disaster Recovery and Loss Prevention
- Automatic Software Updates
- External Technical Support
- Reduced Environmental Impact
As Salesforce founder and CEO Marc Benioff summarized: “If someone asks me what cloud computing is, I try not to get bogged down with definitions. I tell them that, simply put, cloud computing is a better way to run your business.”
Now, let’s look at the big — and typically, the only — reason why many companies have been reluctant to elevate to the cloud and realize the benefits: security fears. Indeed, according to a survey [PDF] by the Cloud Security Alliance and sponsored by Skyhigh Networks, 73% of organizations say that security concerns are holding back cloud projects.
Obviously, security concerns are not minor factors. Considering the potentially catastrophic consequences (the average cost of a data breach is $7.91 million, and 60% of SMBs fold within 6 months of a major cyber-attack), strong, compliant security is the top priority and obligation. However, the perception that the cloud is a risky and threatening “Wild West” of data management is, thankfully, no longer valid.
Security Rises to the Cloud
Today, the cloud is not just as safe as legacy on-premise data centers – in many cases it is more secure. Here are the key reasons why:
- Cloud service providers carefully monitor security 24/7/365 and conduct ongoing penetration and vulnerability testing, which is a level of continuous scrutiny that many companies — and again, especially SMBs with limited budgets and smaller IT staff — cannot provide. Vivek Kundra, Executive Vice President, Industries, at Salesforce, commented, “Cloud computing is often far more secure than traditional computing, because companies like Google and Amazon can attract and retain cybersecurity personnel of a higher quality than many governmental agencies.”
- Storing data in the cloud helps reduce the frequency and severity of insider threats carried out by negligent and disgruntled employees, contractors and vendors. According to research by the Ponemon Institute, the average annual cost of an insider threat is $8.76 million.
- Unlike on-premise systems that rely primarily on firewall protection to keep the bad guys out, cloud systems deploy multiple layers of security. Data can also be wiped remotely in the event that machines are stolen or compromised.
- Cloud systems store data in multiple locations, which protects information from hardware failure and corruption. Research shows that recovery times are 4 times faster for SMBs that use cloud services versus those that don’t.
- Most cloud services have built-in security features, such as the ability to shut down any part of a system if a risk or threat is detected, along with app role-based authentication.
- Cloud security is increasingly leveraging AI to find and eliminate threats and using machine learning to automatically get smarter and faster.
- Using cloud apps encourages companies to build a strong, customized threat assessment model to detect potential leaks, and continuously test it (try and break it) to confirm validity and enhance strength.
According a survey by Microsoft that focused on SMBs in the U.S, U.K., France and Germany, 94% of respondents said that they improved business security after adopting cloud applications, and 62% of respondents said that their levels of private protection increased as a direct result of moving to the cloud.
With this in mind, we’re not saying that companies will instantly, automatically and sustainably improve security simply by migrating from on-premise data centers to the cloud. To safeguard data from both careless and rogue insiders along with external hackers, companies must implement integrated best practices. According to Donald Faatz, a Security Solutions Engineer at Carnegie Mellon Institute’s Software Engineering Institute (SEI), this approach should include the following aspects:
- Fully understanding security needs by performing due diligence across the lifecycle of applications and systems that are being deployed to the cloud, including planning, development and deployment, operations, and decommissioning.
- Establishing and managing access across three core capacities: identifying and authenticating users, assigning users’ access rights, and creating and enforcing access control policies for resources.
- Protecting data in three key areas: preventing unauthorized access, enabling ongoing access to critical data in the event of errors and failures, and avoiding the accidental disclosure of data that was supposed to be (and assumed to be) deleted.
- Monitoring and defending systems and applications that are created via cloud-provided services.
- Collaborating with cloud service providers to investigate and respond to potential security incidents in a manner that is compliant with privacy regulations.
It is also necessary to educate end users; many of whom may be suffering from “security fatigue,” which is a reluctance or weariness to deal with computer security and take risks seriously.
How we can help
As you may know, here at Devolutions, we never stop investing in new ways to keep your data secure. Keeping everything I stated above in mind, we are now turning to the cloud era in both privileged access management (PAM) & password management with respectively Devolutions Password Server (DPS) and Devolutions Password Hub (DPH).
If you're new to Devolutions Password Server, here's what you need to know. DPS is an easy-to-use privileged access management tool made for IT professionals that can be both deployed on-premises or in the cloud. In DPS you can:
- Store and manage all your privileged passwords in a highly secure vault
- Launch remote connections to servers, websites and applications
- Create and attribute roles to your users
- Securely share access to critical assets
- Monitor and easily generate activity reports
If you want to learn more about DPS and see how effective it is, you can request a demo here.
But wait, there's more! I also am more than pleased to share that we also just released a new password management tool for teams and businesses, Devolutions Password Hub! DPH is a new cloud-based and super easy-to-use password manager for people who are looking for security and convenience. You can learn more on Devolutions Password Hub and join the beta by visiting DPH new website here.
To Infinity and Beyond
Legacy systems can no longer exclusively provide the functionality and storage support to keep up with changing workload, workforce, and customer demands. Now that fears about security are no longer forcing companies to keep their data on the ground, it’s safe, smart and strategic to elevate to the cloud. Or, as Toy Story’s Buzz Lightyear would say: “To infinity and beyond!”