Public Cloud Concerns: Myth vs. Reality

CloudDespite the increasing popularity and adoption of cloud services, many misperceptions still abound about their potential disadvantages. Companies considering a cloud service purchase should carefully sort through both the hype and the myths about cloud computing before making a purchasing decision.

Cloud misperceptions vary, but three primary myths have emerged that might cause IT decision makers to stop and reconsider their cloud purchase plans. However, the reality behind these myths should give buyers reassurance when it comes time to make a cloud decision.

The Data Center Death Knell Myth

With data and functionality increasingly moving to cloud services, IT employees may be concerned about being replaced by the very technologies they choose to deploy.

While this isn’t a completely unfounded concern, the reality is that cloud services are largely being adopted by younger and smaller companies that don’t already have in-house IT departments. The ability of the cloud to provide IT services that such companies would otherwise have to build from scratch is one of its primary advantages.

For companies that already have an established IT team, cloud services aren’t likely to steal away jobs anytime soon. Companies may move some of their data and processes, particularly storage, to the cloud, but most companies will continue to house critical data on private networks in a hybrid approach. In-house IT will continue to be needed to support private network operations.

The Security Myth

One of the most common and persistent misperceptions about the cloud is that it opens up companies to a variety of new security risks. The thought of having data leave the safety of the corporate security fortress and travel via potentially unprotected connections to a public cloud creates concern over attacks on a company’s critical data.

In reality, because of their singular focus on providing data services, cloud providers often have some of the best security experts on staff who focus entirely on predicting security vulnerabilities and protecting against attacks on client data.

The Data Black Hole Myth

Some companies worry that once they allow their data to transfer to a cloud service, they will lose control over it or have difficulty moving it or getting it back. This myth likely circulates because in the past, it had some truth to it. Making a cloud transition sometimes meant data was locked in with the chosen provider.

But trends surrounding this cloud concern are changing. Some of the larger cloud providers offer tools that make it easier to control and move data when the company chooses. Amazon’s Snowball appliance allows customers to easily migrate data, and Velostrata introduced an appliance that eases the migration of data to and from the public cloud.

Making an Informed Cloud Purchase

Cloud services provide many benefits to companies that want to improve their operations and increase efficiencies. IT decision makers have a responsibility to choose a cloud service that protects the company’s data assets and provides the right services for its users.

All technologies have pros and cons. Deciphering myth from reality surrounding security, data availability, and future IT employment can help decision makers make the right cloud choice.

Weighing the Pros and Cons of the Cloud

shutterstock_270601862Getting involved with the cloud is a popular proposition when looking at acquiring new technology. A company should consider how cloud technology relates to the business as well as current regulations before moving to the cloud.

Understand the Benefits of the Cloud

Businesses should first consider how a move to the cloud can be beneficial. Customer Relationship Management (CRM) tools, for example, enable employees to view customer interactions so that technicians, sales staff, and customer service agents are aware of how other employees interacted with a customer at certain intervals. Management can also more easily monitor employees from a single dashboard. These actions are difficult to replicate outside of a cloud service.

Understand Any Potential Negatives

Preparations should be made to understand what migration to the cloud will entail as well as what could potentially go wrong. For example, pieces of confidential customer data may be collected and stored in the cloud and will require protection. Confidential company data such as product costs and internal reports will exist in this tool as well, so internal security is also a consideration.

Other factors that should be investigated when searching for a cloud provider include the potential for customer data to be lost or compromised if the system is hacked as well as the actions a company would need to take if the cloud provider suffered a major outage.

Understand Cloud Provider Services

It is important to investigate what a cloud provider does to protect its clients. Pull data from the cloud provider from time to time so that backups are in place in the event that the relationship with the cloud provider ends or the provider takes much longer than the service agreement allows to resolve technical issues when they occur. If data can’t be exported easily from the beginning, that should be a red flag.

There is a lot of good that can come from the cloud. Capital expenses can be reduced or even eliminated and employees will be able to access their data in a variety of ways, among many other benefits. But it is important that a business makes preparations to transition to the cloud so that the company does not experience any pains while growing into the technology.

IoT Market Demands Data Security

shutterstock_65198842In just a few short years, industry experts predict that the Internet of Things (IoT) will have a tremendous growth explosion. By the year 2020, research suggests 30 billion devices will be connected in a $3 trillion marketplace. Assuring that this avalanche of data is protected by layers of security is paramount to the industry’s success.

Soon there will be homes where the front doors unlock with a smartphone, its temperature is controlled remotely, and even the oven is turned on by punching a code. “Smart homes” are already on the technological horizon, but the security features must keep pace for viability.

Consumers own many devices that are not just unencrypted, but with marginal to non-existent security features enabled. Some end users leave the factory-set passwords in place, making illegally accessing a device’s data mere child’s play for the average hacker.

Making IoT Devices Secure

Certain qualities are required in order to make the security on IoT devices effective. The security must:

  • Possess cloud capabilities
  • Be platform agnostic
  • Have the ability to facilitate IoT technological ecosystems
  • Be lightweight

The ability to manage security via a cloud platform is a vital component to any implemented system. Cloud management enables manufacturers to patch changes to security configurations once a weak spot is detected – even after consumers purchase the device. The hardware itself can be tethered to private key exchanges to simplify authentication, provisioning, and configuration.

The benefits of utilizing agnostic security platforms are clear. Processing capabilities in IoT devices can enable them to be managed and controlled via the cloud. Transmitting large-scale changes in provisioning, authenticating, and configuring can also be handled at cloud level from a centralized location.

Compact IoT devices with security features embedded at the chip is a practical solution for securing data at the core of the device while still utilizing available space. IoT devices can have private keys already embedded to enhance security. This additional layer of security allows compromised components to be identified as “untrusted” and isolated from the other devices on the network. Default passwords would no longer be necessary once key exchanges are implemented within the hardware to authenticate each device. This also allows them to remain lightweight.

Issues to Overcome with IoT Devices

However, the lightweight, compact size of IoT devices limits the space available for security. Another drawback is the multiple levels of vulnerability when connecting devices or at the data host site of the chip. In addition, the limitations of the processing capabilities on devices manufactured by different companies creates security challenges. At present, consumers must use devices made by the same company in order to link them. Cloud-based connections reduce the necessity of standardizing the processing capabilities of IoT devices.

Most IoT devices aren’t currently enabled for cloud management, which is a potential security pitfall. When devices are all tethered to the cloud, it is a simple fix to patch security vulnerabilities – even when they are in the hands of end users. Devices can communicate more readily with one another when cloud capabilities have been implemented.

The bottom line is that the success of the IoT industry is dependent upon the security that is provided by the technology. To ensure that data protection remains a primary focus in an expanding market, networks and devices must be safeguarded. Enabling cloud management capabilities and security features embedded at the chip level can achieve these results.

Preparing For Data Loss

Data lossData loss incidents, when an organization suffers the loss of valuable data, can cause considerable harm to the business. The loss may be as a result of a natural disaster, fire, or theft, and the impact can be irreparable. Yet statistics show that relatively few organizations adopt robust data protection policies. This is short-sighted because sensitive and important data is held in the cloud, and its loss, even if temporary, can hurt the organization.

Risk of Data Loss

The most likely reason for the loss of data is through a natural disaster, and interestingly, significant portions of the country are at risk in one way or other. Heavy flooding, hurricanes, and earthquakes have a wide geographical spread and one incident can affect a large area, so it’s important to consider not only the business location, but also the location of data servers. In addition to natural events, data may also be lost through fire and theft.

An easy way to understand the business risk is to ask one simple question: What if we lose our data?

Financial Losses

According to a 2014 Global IT Study that surveyed 3,300 respondents, 64 percent of organizations experienced data loss in the last 12 months. The research highlighted that the cost to enterprises of lost data and downtime was $1.7 trillion.

Researchers found that although a high percentage of organizations had disaster recovery plans in place, relatively few had implemented effective data protection practices and less than half employed remote, cloud-based data protection.

Impact of Lost Data

There are two aspects of data loss that affect organizations. Firstly, there’s the loss of the data itself that may include essential operational information, critical customer data, and proprietary information, all of which affects the company’s ability to function. Secondly, there is downtime that inevitably arises from the incident as the organization works to recreate or recover the data. In the worst-case scenario, an organization might have to suspend operations for a period of time, resulting in lost revenue.

Long-Term Impact

Apart from the short-term losses, businesses may incur ongoing difficulties that lead to the loss of customers, lower sales, and long-term reduction in revenue. In many instances this can mean closure or bankruptcy.

Based on the Global IT research, companies need to take the risk of data loss seriously and implement a workable disaster recovery (DR) plan.

Disaster Recovery Plan

Although a comprehensive DR plan needs to consider all aspects of disaster recovery, there can be no recovery if the data is not available. Consequently, at the core of the DR plan must be a process for ongoing data backup and remote storage. Should data be lost, this would mean that it can be recovered, operating systems restored, and business resumed with little delay.

Contingency planning must allow for the possibility of partial or complete loss of data. Additionally, apart from allowing for natural calamities, plans should factor in the risk of man-made catastrophes, such as fire, explosion, equipment failure, and data theft.

Every business faces the possibility of losing data in one way or another. It’s imperative to be ready for a disaster to strike, so that when it does, businesses are able to respond promptly and effectively to restore data and get back online.