"

Estimated reading time: 3 minutes, 35 seconds

How Secure Is Cloud Computing?


cloud imageTechnology pop quiz for business owners: What's more secure?
A. Data stored in redundant back-up server installations (or "the cloud"), automatically updated and maintained, in a facility secured from outside threats. Or B. Data stored or backed up to an on-site tape or flash drive, whenever the company's controller or non-IT back-office staffer remembers to do it - then left in the drive? For many, the answer in theory is A, but in practice, it's B.
Why is this important? Because studies have shown that 70 percent of companies go out of business after a major data loss and 60 percent of companies that lose their data will shut down within six months. Yet those unfamiliar with cloud computing still believe onsite back-up is a safe, secure solution. Therein lies one of the most compelling reasons to embrace cloud or ERP (enterprise resource planning) computing.

The misperception is that data (primary data or back-up data) that resides in "the cloud" is vulnerable to intrusion or theft by others. The truth is that today's server installations have been deemed secure enough by many leading Internet-dependent companies and organizations, like Google, eBay, Verizon and even the U.S. Government.

Enterprise cloud computing - or "the enterprise cloud" - brings infrastructure-as-a-service to any business. It allows for dynamic allocation of required resources designed to scale as client capacity and performance needs grow. Security is inherent to the solution. Though data is located in an array of shared servers - which helps keep costs down, individual content is discrete and protected. Content is accessible via a password protected Web dashboard. Firewalls and intrusion detection applications are manned by certified security specialists. Servers themselves are locked in "cages" in a highly secure data center. Simply put, client data - and the server it resides on - are locked down.

As with many cloud computing providers, clients should rely on the vendor's expertise as much as the service itself. For example, at I-BN, our rules and practices are designed to protect client content from various threats. For example, our latest products secure against "SQL injection." Also called SQL insertion attacks, this process seeks to exploit security vulnerabilities in the database layer of an application.

Client remote access is gained via Hypertext Transfer Protocol Secure (HTTPS). This combines HTTP with SSL/TLS protocol to secure network identification and encrypt communication - creating a secure tunnel for the session. We also comply with Sarbanes-Oxley in requiring clients change passwords every 90 days.

No one can protect against every threat. The greatest vulnerability to your cloud service - beyond a disgruntled employee who has access and seeks to cause malicious damage - is a password written on a sticky note stuck to the monitorQuestions arise because the cloud technology is somewhat new and there is a level of misinformation and uncertainty. As a result,they fear their data will not be secure on a cloud-based server. They worry it will become immobile and they'll be locked in - either by contract or data incompatibility between platforms - should they plan to move to another provider. So they seek a lower-cost, easier to comprehend alternative. This often ends up being a friend "in the computer business," or an employee who claims to know how to back up data or set up a private cloud installation.

Gary Feldman

A pioneer in the ASP market, Gary Feldman formed I-Business Network in 1999 as an outsourced application hosting service focusing on mid-market ERP systems. He achieved the first ASP agreement with Sage Software (State of the Art), Advanced Software Development Company and SAP Americas (for SAP Business One). Feldman also helped I-BN to innovate ERP deployment through the use of pre-configured databases with rapid deployment and subscription/fixed fee pricing.

I-BN was one of the first ASPs in this space to provide virtualized services and cloud computing to the mid-marketl. It is currently developing tools and techniques for automation of both technical and ERP provisioning for SAP Business One and Sage MAS EES to reduce total cost of ownership through application hosting.

Feldman was formerly an executive with Accenture and was a CIO for a mid-market company. He began his career as a CPA specializing in audit and accounting information systems with BDO Seidman and founded a consulting practice with a regional CPA firm.

Read 6153 times
Rate this item
(0 votes)

Visit other PMG Sites:

Template Settings

Color

For each color, the params below will give default values
Tomato Green Blue Cyan Dark_Red Dark_Blue

Body

Background Color
Text Color

Header

Background Color

Footer

Select menu
Google Font
Body Font-size
Body Font-family
Direction