A Cloud Infrastructure 101

Cyber Security

/

December 21, 2018

Karen Walsh

Cloud services providers enable business operations in many of the same ways that community gardens build stronger and more sustainable communities. Community gardens offer space to grow affordable food, allow people to identify community assets and build networks, and engender collaboration among otherwise disconnected community members. Cloud service providers enable the same benefits for small and mid-sized businesses that need affordable tools to enable collaboration and productivity through shared data assets and IT networks. When it comes to data security, SMBs must ensure their cloud service providers protect data from malicious actors in the same way that community members protect the gardens from people pilfering produce.  

What is cloud technology?

Cloud technology is a way for you to access and use web-based tools and applications rather than purchasing physical devices to create and store your information. In other words, you use the internet to store and transmit data across all your users rather than installing software and servers directly.

In most cities, high property costs lead to small yards or no yard space at all (talking to you, apartment dwellers). People establish community gardens because they can’t afford land to grow their own food. Cloud technology similarly allows you to expand your data environment by storing information off-site, to compensate for limited budgets, office space and technical knowhow.

What is cloud computing in simple terms?

Traditional data storage and sharing requires physical devices called servers. Referred to as “server farms,” these devices connect to each other within your physical location using your local network connection so employees can access files, printers, and backups.

In simple terms, using “the cloud” means that an internet connection allows employees to sync information to their devices whether they are on the premises or working remotely. The cloud also lets multiple devices access the same information at the same time giving employees the ability to work together from anywhere they have an internet connection.

Why use cloud services?

The quick answer to this is cost. A traditional server costs anywhere from $300 for a bare-bones 2 gigabytes (GB) device to $1,600 for higher-powered 8GB server that comes stacked with a range of software and processing upgrades. A mid-range server with 16GB server costs $600. Additionally, servers take up physical space that increases their costs.

Assume you want 1 terabyte (TB), equivalent to 1,000 GB, of storage for all your applications, files, and operating systems. This would require 500 of the cheapest servers which amounts to about $150,000, just in hardware. More likely, you would source those larger 16GB servers to save space. Thus, you would need to buy 63 devices, costing nearly $40,000 in total. Additionally, you need to factor in the cost of physical storage space and people to manage those machines. And once you buy these machines, they quickly become out of date.

Meanwhile, cloud technologies cost far less, are priced per user and allow you to expand your data environment more rapidly. For example, G Suite for Business from Google costs $10/month per user which includes business email, video and voice conferencing, secure team messaging, shared calendars, productivity tools like documents and spreadsheets, and unlimited cloud storage for businesses with more than five users. The standard team pricing for Dropbox for Business is $20/month per user starting with three users and offers unlimited space, administrative controls, single sign on, device approvals, and business-hour phone support. An SMB with 50 employees can store unlimited information to the cloud for $6,000/year using GSuite or $12,000/year using Dropbox.

Similar to a community garden providing more property without purchasing a more expensive home, cloud infrastructure allows you to “rent space” at a reasonable cost.

How cloud service providers enable business operations

Cloud services offer the same collaboration and access to resources for businesses as community gardens do for their communities. How?

Collaboration Between All Users from Anywhere

Employees share information in real-time and work collaboratively since all the information resides on the internet. Cloud services allow you to review file versions so that you can track changes and ensure that you have the most up-to-date version. If you’re storing files on devices and sharing via email, you risk having outdated versions or risk multiple versions of the same file.

Increased Access To Core Files and Tools

Research from IWG, a Swiss workplace provider, indicates that 70% of professionals work remotely at least once a week and 53% work remotely more than half the week. Thus, you need to increase remote access to your data, systems, and networks to enable employee effectiveness. Migrating to the cloud provides employees access to the information they need to do their jobs anywhere they have an internet connection.

What are the types of cloud computing?

Most SMBs use cloud platforms either as Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), or Platform-as-a-Service (PaaS). Choosing the right level of managed service provider means understanding the three primary choices for these platforms:

Public Cloud

A public cloud uses the public internet to manage connections and operations. Most people will recognize this as the traditional free version of Google Drive or Dropbox.

However, these services can put customer data at risk. Because they use the public internet, they open your organization to malicious actors who can infiltrate commonly known vulnerabilities. Additionally, these public clouds often don’t encrypt data at rest or data in transit which means that malicious actors can read any information they intercept.

Private Cloud

Large organizations often establish their own private clouds created and maintained by a dedicated IT department. This gives them some of the flexibility and access provisions of a cloud architecture, but maintains control over access and physical security.

However, to maintain a higher level of data integrity, these require monetary and human resources. The organization needs to create its own data center and run its own cloud servers. Although it’s often considered more secure, it’s not a readily achievable model for SMBs given the higher resource levels still required.

Hybrid Cloud

A hybrid cloud gives many SMBs the best of both worlds. Some data remains on-premises in servers, while other information is stored to a third-party public cloud platform.

Many SMBs choose this solution. You can store the sensitive data to servers over which you maintain control, while you can store less sensitive data to the cloud. A hybrid cloud solution allows you to store more data while also giving you a way to maintain control over sensitive data.

What are cloud service security risks?

SMBs migrating to the cloud worry about losing control over their data environment. However, many of these cybersecurity risks can be mitigated by taking a security-first approach to data protection. The 2018 McAfee report, “Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security,” outlined many of the top concerns for SaaS and IaaS users.

Data Breaches

According to the report, more than 25% of cloud infrastructure and software users experience data theft from cloud providers. Both IaaS and SaaS users cite their IT staff skills gaps as the primary reason for these data losses.

Automated tools that allow you to continuously monitor your controls offer a solution. for SMBs who need the affordability of cloud storage but lack the IT staff to help mitigate threats.

Data Transmission and Storage Protections

Highly regulated businesses need to make sure that their cloud services use specific cybersecurity controls. For example, healthcare providers need to comply with the Health Insurance Portability and Accessibility Act (HIPAA) to make sure that protected health information (PHI) is encrypted. Merchants need to comply with the Payment Card Industry Data Security Standard (PCI DSS) which specifically requires them to separate cardholder data from other systems and networks they use to enable business operations.

To protect yourself, you need should review your cloud service provider’s compliance documentation. Additionally, you should incorporate a vendor management program using automated tools to continuously monitor their compliance.

Malware From Cloud Apps

According to McAfee, 56% of IT professionals tracked a malware attack back to a cloud application, which was an increase from the 2016 numbers. These malware infections arose out of phishing, emails from known senders, drive-by downloads, and pre-existing malware downloads.

To mitigate malware infections, you should ensure, just as you would with on-premise storage and devices, that you install anti-malware software on every device and maintain the software by continuously updating it to the most recent version.

Zeguro Provides Transparency into Cloud Services Monitoring

Visibility into your managed service provider’s cybersecurity protections can be difficult. However, McAfee suggests businesses deploy automation and management tools with a unified security solution that provides centralized management.  One of Zeguro’s core values, transparency, eases the burden inherent in cloud services deployment.

  • Honesty: We know the strengths and weaknesses in the cloud service provider’s platform and can explain them to you.
  • Clarity: We understand the difficulties involved in tracking information stored in the cloud and can explain it in approachable language to get you compliant quickly.
  • Simplicity: Our user-friendly dashboard makes seeing into your cloud services as easy as possible so that you can analyze, mitigate, and monitor your cloud vendors.

For more information about how we can help you, check out our risk management platform or contact us at Zeguro to learn more.