US-Council News

Why the Cloud Could Be Your Most Secure Place for Data

The heated debate over cloud versus on-premise has been going on for years, with both sides citing cost and security reasons to support their claims. As the debate unfolds, one thing is becoming increasingly clear – companies are doubling down on security.

This is particularly true in the cloud. In fact, by 2021, spending on global cloud security solutions will reach $3.5 billion, according to a forecast from research firm Forrester.

Though most are warming up to cloud security, in several industries there is still a misconception by some that the cloud doesn’t offer the same levels of data security as traditional on-premise data centers. Contrary to that notion, cloud providers often have far better security solutions in place than on-premise data centers.

For those exploring cloud solutions that still have reservations about safety, consider these reasons why the cloud could be the most secure place for your company’s most sensitive data.

#1: Regulations, Standards and Compliance

Standards to support the governance of IT have existed for decades, such as the International Organization for Standardization (ISO), which is used by cloud service providers and their customers to help ensure that security best practices are being followed. It provides a framework for IT within an organization, and offers guiding principles for senior management on how to effectively and efficiently use IT.

If you’re migrating data to the cloud, the cloud provider must be able to meet strict compliance regulations to ensure safe, secure use. Cloud providers have quickly realized that security can be a key business enabler and have completed a tremendous number of security certifications and compliance requirements, such as ISO 27001, ISO 27018, CSA STAR, FedRAMP, amongst others, so as to win enterprise customers.

Resources such as the recently-updated Shared Assessments’ Evaluating Cloud Risk for the Enterprise whitepaper provide step-by-step guidance for enterprise organizations moving their services to the cloud. It assists in helping organizations create a cloud strategy that will scale across hundreds of their cloud providers, both locally and internationally.

#2: Security Capabilities

On-premise solutions are oftentimes built on legacy technologies and business practices. They often need to support older technology stacks, which will have significant technology and security debt. Their internal security teams are oftentimes smaller and they may be stretched thin doing basic work such as patching their technology stack, leaving little or no time for innovation or security research and development.

Cloud on the other hand is a far newer service model. As it is newer, it can be built using the latest technology stack and should be far less vulnerable to legacy vulnerabilities. As the cloud provider may be managing thousands of customer environments, they likely have a far larger security budget as the cost can be spread across their thousands of customers. This allows for the hiring of security specialist teams and the deployment of advanced technologies, which would be considered prohibitive for most on-premise providers.

Companies should expect and indeed demand far greater security controls from the cloud than they would expect from an on-premise provider.

#3: Data Access & Loss Prevention

Having access to the right data at the right time is critical for helping organizations succeed. On-premise may be quite good at storing data in a data center, however what happens when people need access to it? Oftentimes they will copy it from their on-premise data center to their laptop, where they can view, edit or print it. Realistically this now means that copies of your business data may now be stored in millions of spreadsheets, in thousands of laptops, everywhere from people’s homes to the trunk of their car. Obviously, the security and privacy controls are significantly weakened or are non-existent at this point.

Cloud has been designed to allow for strict authentication, authorization and accounting. It allows for data to be securely accessed and managed throughout its data lifecycle. Cloud provides a far more granular access control data model (e.g., a user can view and modify a dataset online), but can’t copy that data locally, where it is far easier to compromise. Cloud provides for a rich feature set that allows for deep data analysis all the while ensuring that appropriate security controls are in place (e.g., the data can then be viewed and analyzed online in the cloud, as opposed to having to copy a spreadsheet on to a laptop, where it would be far more susceptible to being compromised).

Cloud can provide far superior security than on-premise solutions, but organizations would be well reminded to exercise a healthy dose of caution as is the case with any move to a new service model. Highly regulated industries such as banking and government organizations still have concerns with the cloud when it comes to the control and transparency of their data.

As cloud providers and the underlying technology continue to evolve to address those reservations, a few industries will likely cling to on-premise, but the cloud is rapidly becoming the de-facto industry model for providing a modern enterprise computing service.