The safest place for your data? The cloud!
Author: Alexandru Malos, Solution Sales Specialist – Azure, Insight Enterprises
Fear of cyberattacks, network intrusion and data leaks is a common concern for every organisation today, not least for hosting providers. Where they always only had their own datacentres to secure, the spread of cloud technology now brings a new challenge. But is the cloud sufficiently secure? Many hosting providers are not yet convinced. They see the cloud as a significant threat that leads, among other things, to vulnerabilities for system security. With respect, I do not share that view: most vulnerabilities do not occur in cloud technology, but in on-premises datacentres. Let’s look at an example.
In May 2017, the world was shaken up by WannaCry, a worldwide ransomware attack, which affected more than 200,000 computers across 150 countries, with total damages ranging from hundreds of millions to billions of euros. WannaCry targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments to decrypt them. When Microsoft learned about WannaCry a few months prior to the outbreak, they had released patches to fight it. However, many organisations had not applied these patches, or were using older Windows systems that were past their end-of-life, enabling the WannaCry worm to do its devastating work.
Risks due to delays
The WannaCry attack is just one example that shows something very remarkable about the weaknesses in system security. Although large cloud providers such as Microsoft release patches and updates to continually protect their platforms, many organisations, including hosting providers, are lagging behind in the implementation. Main reasons? Lack of expertise and lack of time. Patching and upgrading can be complicated and requires specialist knowledge and expertise to get it done right. It can also take a lot of time, especially with the enormous amount of daily attempts to break the security. Unfortunately, knowledge, expertise and time resources are scarce at many smaller and larger hosting companies.
Why the cloud is the safest place
In this context, it is essential for hosting providers to choose the best possible security they can get. And, contrary what is generally thought, the best possible security is to be found in the cloud. It is a matter of scale, expertise and resources. Where most hosting providers have their own private cloud, consisting of one to several datacentres, a large cloud provider such as Microsoft has a global presence with more than 100 datacentres in 54 regions, with millions of customers. They have a legal obligation to secure everybody’s data to the best of their abilities. Security is one of their concerns today, if not the most important. This means that they have extensive teams of security experts who work every day to prevent and solve security issues. Much more than any individual hosting provider could achieve on his own scale.
Azure and GDPR
Then there is GDPR. Since May 2018 every business with activities in Europe must comply with the General Data Protection Regulation (GDPR). GDPR imposes new rules on companies with regard to the privacy of customer data, data protection, transparency in data policies, and IT staff training and auditing. How can individual hosting providers be sure to comply with all regulations? Again, the solution can be found in the cloud. Providing the most comprehensive set of compliance offerings of any cloud service provider, Microsoft has created products and services, tools and resources to help hosting providers with GDPR compliance.
Three simple, bolt-on measures to overcome cloud security fears
Because of scale, because of knowledge, because of certifications, because of so many services and products already available on Microsoft Azure and Office365, I can only say that the safest place for your data is the cloud. Why reinvent the wheel, while Microsoft can let you drive right away? Anyway, if you still have doubts, here are three simple, bolt-on measures to overcome your fears.
- Apply Multi-Factor Authentication (MFA) or Second Factor Authentication as a very simple step to improve system security in your own on-premises environment or in the public cloud. If a hacker wants to log in from an external environment with a stolen username/password, he (or she) will be prompted to enter a second-factor authentication code, which can be a text message or a prompt on an app or token, which he will not have. Extra security. In addition, the Microsoft MFA service also includes the automatic blocking of users who have committed fraudulent actions.
- Use a hybrid configuration to connect your on-premises datacentre to Azure. There will come a point in time when you prefer to use (new) services from Azure instead of building new hardware yourself, in terms of cost, scalability, availability and accessibility. There is the possibility to use all the benefits of the cloud and to keep the on-premises security behind your own firewall with site-to-site VPNs, fast routes as a single channel between on-premises and cloud, without data traveling over the internet.
- Conduct free trials to combat common ideas around the cloud. See how things work, are Azure and Office365 just as secure, as fast, as cheap, as …, as Microsoft says? Know what you are talking about and what your benefits can be.
If you do not know where to start, then Insight can help. As one of the major Microsoft partners around the world, we can work with you and answer all your questions. Involve us, we have all the available knowledge and resources to help, from evaluating your cloud readiness to deployment and management of your cloud workloads. We help you to meet your security requirements.