It’s a cyber defense debate pursued with almost religious vigor: Do you put your faith in the cloud, or does your confidence lie in traditional on-premises IT solutions? The debate is as fierce as ever as tech providers, security experts, and enterprise users weigh in.
When Amazon Web Services introduced the cloud in 2006, it seemed like a crazy idea. Why would any private company want to save their data on a shared cloud (possibly shared with their competitors) hosted by an online retailer?
However, the idea became more appealing as companies realized the money and resources they could save by moving their data to the cloud rather than building and maintaining new data storage containers, especially as company data grows exponentially.
With concerns of return on investment mostly assuaged, the dispute continues to focus on cybersecurity. According to Information Age, 76% of business users say security is their main concern when it comes to cloud-based services. With that in mind, here are a few things to consider when deciding to either move your data into the cloud or on-premises data centers.
Are there cloudy days ahead?
To begin, it’s important to understand the differences between the different types of clouds offered: private, public, and hybrid. At the most basic level, private clouds are owned by your organization; public clouds are owned and maintained by an outside provider (AWS, Microsoft Azure, etc.); and hybrid clouds split assets between the two.
Many organizations are adopting a hybrid approach with cloud and on-premises solutions. For instance, an organization could protect its most valuable information on a private server while simultaneously allowing the majority of its operations to run through the cloud.
This might be a good strategy for mitigating some of the risks associated with each infrastructure. For example, the cloud can be accessed from any device, making infiltration easier for hackers. Meanwhile, on-premise solutions often lack the in-house expertise to implement the proper security measures often provided by a dedicated cloud provider.
Similarly, cloud infrastructures can sometimes crash, creating problems for clients. If this happens, on-premise databases can assist with essential operations in the meantime. However, if an on-prem data center fails, it’s up to your own team to manage the repairs, which can often lead to excessive downtime and costs.
Also, remember that data can be intercepted during a transfer, stolen from someone’s device, or snatched while at rest or in storage. Be sure to encrypt your business data so that only authorized recipients can access it.
In an interview with Information Age, Okta vice president Philip Turner said, “There’s no doubt that the weakest link in the security chain will prove to be the on-premise environment. You only have to look at the number of penetration attacks that there have been on on-premise environments to see that statistically it has now been proven that people cannot manage security as well in their own on-premise environment.”
On the other hand, Network World editor-in-chief John Dix said, “Getting security is hard enough when you control all the resources. Moving them to the cloud just further complicates the job… [The] risks associated with running confidential data to/from a cloud provider are greater than organizations will be willing to tolerate.”
While the cloud vs. on-prem conversation is likely to continue for years to come, its vital to understand that most cybersecurity issues arise not from with the infrastructure, but rather through the applications used, employee negligence, or automated attacks on the network or consumer level.
Nevertheless, this is an important debate without a clear answer. Each organization needs to decide for themselves what is right. After all, a well-fit cyber security solution is more secure than any slapdash decision.
For more insight on data security, see Security Must Be A Core Component Of Digital Transformation.