The misperception is that data (primary data or back-up data) that resides in "the cloud" is vulnerable to intrusion or theft by others. The truth is that today's server installations have been deemed secure enough by many leading Internet-dependent companies and organizations, like Google, eBay, Verizon and even the U.S. Government.
Enterprise cloud computing - or "the enterprise cloud" - brings infrastructure-as-a-service to any business. It allows for dynamic allocation of required resources designed to scale as client capacity and performance needs grow. Security is inherent to the solution. Though data is located in an array of shared servers - which helps keep costs down, individual content is discrete and protected. Content is accessible via a password protected Web dashboard. Firewalls and intrusion detection applications are manned by certified security specialists. Servers themselves are locked in "cages" in a highly secure data center. Simply put, client data - and the server it resides on - are locked down.
As with many cloud computing providers, clients should rely on the vendor's expertise as much as the service itself. For example, at I-BN, our rules and practices are designed to protect client content from various threats. For example, our latest products secure against "SQL injection." Also called SQL insertion attacks, this process seeks to exploit security vulnerabilities in the database layer of an application.
Client remote access is gained via Hypertext Transfer Protocol Secure (HTTPS). This combines HTTP with SSL/TLS protocol to secure network identification and encrypt communication - creating a secure tunnel for the session. We also comply with Sarbanes-Oxley in requiring clients change passwords every 90 days.
No one can protect against every threat. The greatest vulnerability to your cloud service - beyond a disgruntled employee who has access and seeks to cause malicious damage - is a password written on a sticky note stuck to the monitorQuestions arise because the cloud technology is somewhat new and there is a level of misinformation and uncertainty. As a result,they fear their data will not be secure on a cloud-based server. They worry it will become immobile and they'll be locked in - either by contract or data incompatibility between platforms - should they plan to move to another provider. So they seek a lower-cost, easier to comprehend alternative. This often ends up being a friend "in the computer business," or an employee who claims to know how to back up data or set up a private cloud installation.