The following three posts explore the topic of cloud hosting and the challenges it faces in providing secure data environments for enterprise consumers. In addition, they discuss the measures taken to combat these challenges, whether they be physical risks to hosting platforms or cybercrime.
The Need for Secure Data
The concept of security in all aspects of computing can be said to fall into two areas: the preservation of data and the control of data. The first of these concerns is the ability to ensure that data is not lost or corrupted, whether it be sensitive (i.e., private) or not. Data preservation may be essential for the effective operations of a business, for example, to be able to contact suppliers/clients or monitor and analyse business performance (business intelligence). In many cases firms are required by regulatory bodies to preserve data for periods of time in order to provide audit trails on their activities. Where data is deemed personal, sensitive or private in relation to customers, suppliers or employees, firms will also be required by data protection laws to maintain that data.
The second issue pertains to the risk of sensitive data being seen by those who should not have access to it. Again, data protection laws govern firms when it comes to obtaining personal data only with an individual’s permission and then ensuring that they control who has access, restricting unwarranted access. In addition, firms will invariably want to keep their own business operations private to prevent competitors gaining an advantage over them.
All IT infrastructure needs to confront these security issues, whether it be personal or enterprise-level computing, and this has been a particular challenge for cloud computing in general, including cloud-based hosting.
The Vulnerabilities
Cloud computing services ultimately require networks of physical servers to create the pool of computing resource from which clients can access their computing as a service, which means that all cloud resources always have some form of physical location. In addition, cloud services rely on a point at which end users can access them, often publicly available on the internet, and on a public network such as the internet to transfer the data used by the service. Each of these three elements of a typical public cloud service has its own vulnerabilities in terms of the protection and preservation of data.
Physical Security
In terms of the physical infrastructure used to build a cloud service, many of the security challenges are the same as those faced by any other hosting platform. To keep data secure, providers first need to keep the infrastructure secure and running, and the data centres where cloud servers are housed take great measures to these ends. In terms of access, they ensure that the facilities themselves are secured against unauthorised personnel by using tools such as biometrics, security cameras, guards and limited access to individual server suites. This not only controls the risk of intentional sabotage or physical hacks but also the risk of accidental damage caused by one engineer affecting another organisation’s servers, for example.
Furthermore, servers and network infrastructures are protected against physical damage using advanced fire protection systems and environmental controls such as temperature management. Controlling the temperature inside data centres is one of the primary expenses of a data centre provider due to the vast amount of heat generated by working servers. The aim of the exercise is to ensure that servers can run at their optimal temperatures; if the heat is left unchecked, the damage caused could take servers offline completely. Data centres employ techniques such as chiller units, ventilation and water cooling to keep temperature regulated and servers running smoothly.
Cloud servers and their networks also benefit from the general expertise of data centre providers to keep the hardware maintained and up to date, ensuring that the chances of other hardware failures are reduced. As with alternative hosting solutions which locate servers in data centres, such as colocation, dedicated hosting and VPS (virtual private servers), this expertise may be accessed at a fraction of the cost it would take for businesses to deploy in-house.
However, these physical security measures are only the first step. The second part of this post explores the efforts taken to keep cloud hosting software operating smoothly and prevent data from falling into the wrong hands.