Every day, the number of attacks against corporate IT infrastructures continues to rise. In fact, as cited by one CNN Money article, “More than 317 million new pieces of malware – computer viruses or other malicious software – were created last year.” That’s about 868,493 new malware threats each dayeach day. Most of these threats are just slight variations on older malware, but the number of new threat signals is still staggering.
The threat of data breaches arising from hack attempts is driving companies to become more security-conscious. Concerns about security are, in fact, one of the top barriers to cloud adoption. In one Cloud Security Alliance survey, 49% of respondents stated that, 49% of respondents stated that “security of corporate data in the cloud” was a primary concern about using cloud, driving use of on-premises infrastructure.
Yet, recent evidence actually suggests that the cloud is safer than on-premises solutions.
Why On-Premises Infrastructure May Not Be Safer
The common perception is that data will be safer with an on-premises solution than an off-premises one, but that isn’t necessarily true. As cited in an Information Age article, “Almost all of the massive data breaches we’ve seen of late were within traditional on-premise IT.”
In some ways, the cloud can help to eliminate certain security vulnerabilities. An example of this was highlighted in the Information Age article, “employees with potentially malevolent intentions will find it more difficult to locate certain data in the cloud… the lack of physical access and relationships with people could make data in the cloud more secure.”
Additionally, cloud service providers are often able to install and maintain multiple layers of security that would be prohibitively costly for a company not focused on creating IT infrastructure as part of the core business.
Keeping an Eye on the Cloud
A major part of cloud security is the ability to monitor your cloud and get reports of intrusion attempts, including source, type, and what they were attempting to access. Having this information helps in the creation of custom security rules to repel specific IP addresses and traffic types that have been identified as active threats.
It may be preferable to use a premium cloud service provider who can manage monitoring and threat response tasks for you, as keeping IT staff dedicated to these tasks can quickly become expensive for your organization.
Keeping Data Secure with the Right Cloud
Of course, not all cloud service providers are created equal. For some, the data security measures needed to create a safe cloud environment are treated as an extra-cost add-on service rather than an integral part of the solution.
When considering public cloud providers, check to see if security measures such as perimeter, per-app & per-tenant firewalls, data-at-rest encryption, log monitoring, antivirus, and secure data centers are included in the basic cloud service. If not, then you might want to consider a more secure cloud solution because security should be built into the bones of your infrastructure.