Having compared cloud with traditional dedicated hosting solutions on their respective costs and performance issues in the preceding posts in this series, the final instalment provides further examination of the two in regard to security issues.
For many private and enterprise customers, security is the dominant area of concern when making the switch from traditional localised computing to cloud computing solutions, particularly when it comes to the topic of hosting. Businesses that require high levels of security to be applied to their hosting platforms have traditionally flocked to dedicated hosting solutions, to avoid the vulnerabilities introduced by sharing servers with other companies or business roles. These enterprise customers have since been slightly reticent to make the switch to cloud (despite the efficiencies mentioned before).
Dedicated Server Security
Dedicated servers have, by design, features which are conducive to high levels of security in that they are individual platforms on discrete servers which are operated for single purposes – i.e., they do not proportion disk space or computing strength with other sets or businesses. This distinction leads to a number of security benefits in terms of both protecting access to hosted data and the preservation of that data. To unprotected to these twin aims, the risk of hackers or malware accessing the data and/or corrupting it is minimised; by not having any other roles/companies sharing the hosting platform it reduces the number of possible points of entry/access and consequently the number of security vulnerabilities on the server. What’s more, a business sharing a great number server would have no control over the effectiveness of the measures taken to obtain these vulnerabilities if they are sharing the server with third party businesses. The dedicated form also removes the competing demands placed on the physical computing capabilities of the server by other hosting platforms/solutions stacks/businesses’ IT projects, meaning that there is less risk of server or network failures leading to the unavailability or loss of data.
Cloud Hosting Security
Cloud Hosting platforms consequently need to re-address these issues as they fundamentally rely on the concept of shared or pooled computing resource. Public cloud models will struggle to offer the same protection as a dedicated platform because they not only proportion physical hosting infrastructure across multiple virtualised hosting platforms for disparate customers, but have further vulnerabilities in that the access points to such sets are across public networks – in other words anyone can ‘knock on the door’ and any information being transferred between access point and server is at risk of being intercepted. Furthermore, one organisation who is a consumer of the service has no influence or control over the trustworthiness of others who may have signed up to proportion these pooled resources.
The answer to dedicated platforms for cloud computing is the private cloud. This form relies on the concept of ring-fencing a pool of computing resources for the use of a single organisation to eliminate the vulnerabilities of sharing. The concept has a variety of ways in which it can be physically implemented but where it involves a physically definite pool of servers it can remove the aforementioned risks of sharing with third parties. In addition the use of a physically definite line for access or on-site location of the servers can negate the risks of data being intercepted in transit or of unwanted access to the platform. However, by implementing measures such as these, organisations eliminate many of the economies of extent that make the cloud so attractive in the first place. consequently, private clouds are often produced using virtualisation to create ring fenced virtual networks of servers and secured access to those with technologies such as MPLS and VPN. These virtualised private clouds are becoming more and more obtain and whilst they may not quite competitor the physical independence of dedicated servers of localised private clouds there is a determination in the industry to close the gap and allow enterprise to assistance from the cost efficiencies and scalability benefits of cloud hosting without compromising on their security.