Demystifying Cloud Services for Your Business

WHAT IS A CLOUD?

In its simplest form “Cloud Services” refers to a large collection of web-enabled servers that are managed by an independent second party. The best known of these service companies is AWS (or Amazon Web Services). Other well-known names include IBM, Google, and Microsoft Azure

HOW DID WE GET HERE?

Before the advent of cloud services the typical computer structure consisted of a CPU (Central Processing Unit) with on-board storage for data and for programs (MS Office, Photoshop, CAD programs and so on). All of this equipment was located locally at a desktop. Typically there was also an ethernet connection for communication via email services. Two significant changes created what we call cloud computing: the cost of computer memory plummeted; and the speed and reliability of internet connections increased dramatically. As a result, companies like Amazon that require a lot of data to run their businesses started building huge server farms and with reliable internet connections there was no longer a need for local program and data storage. Since the servers were virtually unlimited and their operation was almost infinitely configurable they were viewed as data “clouds” rather than just physical hardware.

HOW CLOUD SERVICES WORK

This history of how we got from individual computers to cloud computing is greatly condensed. However the result is that large server farms, which can be located anywhere in the world, create virtual versions of computers complete with programs, data storage and data back-ups and deliver that to desktops around the world. The business model for this looks different as you might expect. Programs or Applications are moving toward monthly rental or licensing service, commonly using the SaaS, (or Software as a Service) acronym. If you have memory intensive data (CAD drawings are a good example), it’s easy to just expand the amount of data storage in your monthly contract as your library of data grows. These characteristics give the advantage of flexibility and room to easily grow your business. Imagine of your software automatically took advantage of the latest version updates and security features automatically. That is the power of the cloud.

WHAT ABOUT CLOUD SECURITY

This is one of the biggest concerns expressed when moving to cloud-based solutions. The increasing complexity of computer systems adds more capability, but at the same time adds more areas of risk. Cloud service providers are aware of this and build in certain safeguards which are detailed, below. Businesses often have a cluster of computers in their offices which all, eventually connect to an outgoing Ethernet cable at a single physical location. This single point provides a good place to install a firewall for network security. This firewall can be managed either locally or from a cloud-based platform. For a quick run-down on security, here are the main areas of concern and how they are handled: Database; Network; Access; Threat Protection; and Information security.

Database Protection:

Typical vulnerabilities for databases are human error, excessive database privileges, hackers, malware, damage to servers, and vulnerable databases which are not properly maintained.

Network Issues:

A firewall as mentioned earlier is a logic physical separator for network traffic. It is the most common and versatile network protection. It reflects the network security policy and focuses security measures at this chokepoint.

Access Vulnerabilities:

The main means of access control is authentication, usually managed through user ID and password. Some authentication programs have a central administrator who also controls permissions. Examples of permissions are the ability to read but not modify data, modify but not delete data, or delete data.

Threat Protection:

Often this is a matter of monitoring database activities, analyzing and comparing them to historical activity to flag potential threats. This activity is intended to uncover anomalous and potentially suspicious events.

Information Security:

The first line of defense is data encryption. If access controls get compromised it can limit the damage by making the data useless to the hacker. Database backup is another key to information security and it is just what its name implies. Not often talked about, is the need for physical security. This is simply placing strict limits on access to the physical server and hardware components.

These security services can be provided by the cloud service provider, but they still must be administered locally for things like decisions about database and access management.

SUMMARY

The rise of cloud computing has happened quickly, but aside from the physical location of these large server farms, computer use is largely transparent from a user point of view. There are a lot of ways of “renting” cloud space: data storage; programs; communication; specific programs; development environment and so on. There are many security packages offered along with cloud services which makes sure you are protected from the latest data vulnerabilities. It still means that there needs to be an IT department to keep an eye on everything and manage data access. Of course it is always an option to maintain your own servers in a secure location and have an IT staff manage the hardware and software. But going forward, cloud has a lot of advantages in managing uptime, keeping security and programs up to the latest standards and keeping data backed up.