Posted by Kalyani M. on Jun 24, 2013
Enterprises looking to leverage technology to help stay ahead of the game have turned to secure cloud solutions for both convenience and cost savings. Cloud services can offer public hosting or private servers, depending on the particular needs of an enterprise, but each method of cloud deployment has its benefits and drawbacks. To fully capitalize on the cloud, enterprises must decide which method of hosting makes the most sense for their needs and budget.
Essentially, public hosting is like sharing an apartment complex with many residents. With public shared hosting, all accounts utilize the same resources like disk space, CPU time, and memory, and any available resources are shared. Public storage servers are very cost effective and diminish the need for a large IT staff. Maintenance and monitoring are handled by third party cloud service providers, which usually provide tech support as well. And enterprises can save even more money by not having to purchase, maintain, and upgrade servers onsite. Such on premise solutions require special attention, security, and expertise that many enterprises would rather outsource. And servers generally take up quite a bit of much needed office space.
But public servers have their downsides as well. Recently, a massive storm took out servers resulting in downed sites for major companies like Netflix, Instagram, and Pinterest. While unpredictable weather can strike onsite servers as well, this example just illustrates the fact that outsourced servers means a degree of outsourced security. One way enterprises can protect themselves while using a public server is by enacting better practices like requiring server administrators to login exclusively onsite. If logging in locally is impractical, procedures should be established that limit access to approved IPs and accounts, and security tokens should be used whenever practical. And of course, tunneling and encryption should be standard security protocols.
Enterprises must decide for themselves whether they would have more convenience and cost savings or more control. As Kelly Clay at Forbes writes, “It’s easy to blame AWS and public cloud services in general for the downtime we occasionally see, but even traditional infrastructures fail. Maybe instead it’s time to think differently about the interconnected nature of the services we rely on. Everything is intertwined.” This intertwining means that enterprises can’t skirt cost and security, and must choose between less costs and more convenience through public servers or more control through an onsite server.
For enterprises looking to retain full control of their data by keeping servers in house, dedicated or onsite hosting is the solution. Such servers don’t share space or resources with anyone else and give enterprises root access to their environments. This way, IT teams don’t have to rely on third party tech support for upgrades and internal tweaks. While onsite servers take up much more space and require dedicated staff for maintenance, upgrade, and security, they also grant enterprises greater flexibility. Many third party cloud services do not support multiple platforms, so enterprises that want to switch platforms or even build their own environments through Linux, might be stuck with one particular platform until the third party service adds cross-platform functionality. Having a private server onsite helps to sidestep these potential issues.
As with any deployment option, data security is of primary importance. Data drives most enterprises, so a single security breach could potentially ruin an entire brand. Trusting a third party cloud to secure your data should only be done if the cloud is fully private, otherwise the cloud service’s employees could have access to your enterprise’s valuable data. This is where having an onsite server can bring peace of mind, especially if your third party cloud server doesn’t provide “zero-knowledge” data privacy. Such onsite private servers put security ownership and control back into the hands of IT staff. Ultimately, enterprises must take full ownership of their data security, deciding which method of cloud deployment makes the most sense for their needs and concerns.
For enterprises looking to the cloud, SpiderOak Blue offers fully private “public” and onsite server options for full flexibility. Choosing the right third party cloud service can be a challenge as many services on the market have security gaps that leave private data vulnerable to third party attacks. But SpiderOak sets itself apart from the rest of the market by providing a fully private cloud service featuring all of the benefits of cloud storage along with 100% data anonymity.
SpiderOak protects sensitive enterprise data through 256-bit AES encryption so that files and passwords stay private. Authorized accounts can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices (SpiderOak never hosts plaintext data). SpiderOak Blue’s private cloud services are available for enterprises on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, making this one of the only flexible cross-platform solutions on the market.