Having compared cloud with traditional dedicated hosting solutions on their respective costs and performance issues in the preceding posts in this series, the final instalment provides further analysis of the two in regard to security issues.
For many private and enterprise customers, security is the primary area of concern when making the switch from traditional localised computing to cloud computing solutions, particularly when it comes to the topic of hosting. Businesses that require high levels of security to be applied to their hosting platforms have traditionally flocked to dedicated hosting solutions, to avoid the vulnerabilities introduced by sharing servers with other companies or business functions. These enterprise customers have since been somewhat reticent to make the switch to cloud (despite the efficiencies mentioned previously).
Dedicated Server Security
Dedicated servers have, by design, features which are conducive to high levels of security in that they are individual platforms on discrete servers which are operated for single purposes – i.e., they do not share disk space or computing power with other services or businesses. This distinction leads to a number of security benefits in terms of both protecting access to hosted data and the preservation of that data. To achieve these twin aims, the risk of hackers or malware accessing the data and/or corrupting it is minimised; by not having any other functions/companies sharing the hosting platform it reduces the number of possible points of entry/access and therefore the number of security vulnerabilities on the server. What’s more, a business sharing a host server would have no control over the effectiveness of the measures taken to secure these vulnerabilities if they are sharing the server with third party businesses. The dedicated model also removes the competing demands placed on the physical computing capabilities of the server by other hosting platforms/solutions stacks/businesses’ IT projects, meaning that there is less risk of server or network failures leading to the unavailability or loss of data.
Cloud Hosting Security
Cloud Hosting platforms therefore need to re-address these issues as they fundamentally rely on the concept of shared or pooled computing resource. Public cloud models will struggle to offer the same protection as a dedicated platform because they not only share physical hosting infrastructure across multiple virtualised hosting platforms for disparate customers, but have further vulnerabilities in that the access points to such services are across public networks – in other words anyone can ‘knock on the door’ and any information being transferred between access point and server is at risk of being intercepted. Furthermore, one organisation who is a consumer of the service has no influence or control over the trustworthiness of others who may have signed up to share these pooled resources.
The answer to dedicated platforms for cloud computing is the private cloud. This model relies on the concept of ring-fencing a pool of computing resources for the use of a single organisation to eliminate the vulnerabilities of sharing. The concept has a variety of ways in which it can be physically implemented but where it involves a physically distinct pool of servers it can remove the aforementioned risks of sharing with third parties. In addition the use of a physically distinct line for access or on-site location of the servers can negate the risks of data being intercepted in transit or of unwanted access to the platform. However, by implementing measures such as these, organisations eliminate many of the economies of scale that make the cloud so attractive in the first place. Consequently, private clouds are often created using virtualisation to create ring fenced virtual networks of servers and secured access to those with technologies such as MPLS and VPN. These virtualised private clouds are becoming more and more secure and whilst they may not quite rival the physical independence of dedicated servers of localised private clouds there is a determination in the industry to close the gap and allow enterprise to benefit from the cost efficiencies and scalability benefits of cloud hosting without compromising on their security.