On-Premise Plus Cloud = The Hybrid Approach
A quick look at the headlines of tech blogs and publications will give the impression that all companies and organizations are transferring their IT infrastructure and digital assets to public cloud services. The transition to the cloud is happening at a gradually accelerating pace. The future of online businesses, small and large, resides in the cloud.
It sounds like a fair proposition. After all, the cloud is the natural evolution of traditional IT. You can start hosting your website, ecommerce business and file management and sharing system on the cloud without hiring an IT staff, in a matter of minutes and with nothing more than an internet connection. You also don’t need to invest in an expensive data center, servers, cooling, power backup systems, etc. With the cloud, you pay for resources as you go.
The convenience and benefits of the cloud are so much that it would seem unnatural to go in any other direction.
But the truth, however, is that many organizations continue to invest in on-premises data centers, while others opt for hybrid solutions that include both cloud and on-site servers. There are many reasons to remain wary of the cloud, main among them security.
Cloud hosting services usually do a good job of securing the assets of their customers. But they are also very attractive targets for cybercriminals and hackers who would rather direct their efforts toward a target that would give them the jackpot. Also, the convenience of the cloud with tradeoffs that can’t be overlooked.
Here are some of the concerns you should be aware of:
Data control and ownership
When you sign up with a cloud service, your entrusting your service provider with the handling of your information. Your data will reside on the servers of the cloud company, in remote locations that you don’t necessarily have physical access to. Depending on your business and activities, your data might be subject to data privacy and protection laws such as HIPPA, GDPR and the CCPA. Other regulations might put restrictions on storing data offshore.
For many companies, storing sensitive information in the cloud is not an option. Though there are ways to store data in the cloud and stay compliant with rules and regulations, these companies will rather avoid the complications and continue to store their data on their own physical servers.
The recent data breach at Capital One shows how vulnerabilities in the cloud infrastructure can negatively affect the business and reputation of an organization.
Availability of services
All major cloud providers also provide backup and disaster recovery services and abstract them for your benefit, providing you with a set of options and configurations to control how and where to backup your data and how to make sure your services remain online round the clock. This is very convenient for organizations that lack in-house IT staff and can afford to trust an outside entity to ensure their services remain online at all times.
For many IT chiefs, however, having the bare-bones hands-on availability of in-house IT is still the more attractive option. When you’re running your own services, you can also set up your own disaster recovery plans, backup schedules and other contingencies.
Cloud outages happen rarely, but when they do, they can have devastating effects. An example is the 2017 outage of S3, Amazon’s huge cloud storage service.
Bandwidth and data transfer
One of the greatest challenges of running a cloud-based business is the amount of data that must be sent to and from the cloud. Depending on the kind of activities a company conducts and the amount of data it generates and processes, network traffic between operations locations and the cloud might prove to be a bottleneck, especially if their internet connection is unstable.
These companies usually choose to run their operations from their own data centers or opt for a hybrid model, where their own data centers act as a failover in case their connection to the cloud fails.
Until broadband internet becomes more ubiquitous, 5G networks become a reality, and internet connections are becoming less of an obstacle, some of the more established businesses will prefer to do things the classic way.
With large tech companies having a thirst for amassing and mining customer data, there’s always fear that if you’re storing your data in the cloud, you’re effectively making it available for analysis to the hosting company.
Of course, this is not necessarily true, especially if you’re data is being end-to-end encrypted. But tech companies do have a tendency to publish very complicated ToS and EULAs that cleverly give them free hand to look at your data and share it with third parties.
For companies that are extremely concerned about their sensitive data and IP inadvertently falling into the wrong hands, moving away from the cloud becomes an attractive option.
Authentication and account security
One of the main (and very legitimate) concerns of companies that avoid the cloud are the mechanisms cloud providers use to verify the identity of users and provide access to online accounts. Some cloud providers continue to use username/password combinations as the main method of authenticating user access, with two-factor authentication as an optional security enhancement.
For many industries and domains, Two Factor Authentication (2FA) is mandatory. Others are moving toward removing passwords and replacing them with more secure alternatives. While passwordless authentication is picking up steam, cloud providers are slow to catch up.
In this light, many organizations choose to set up their own data centers, where they’re better positioned to implement their authentication technology of choice and make sure they remain conformant to their industry’s standards.
Authentication and identity access management concerns can be one of the biggest deal breakers for organizations, especially as cybercriminals become more sophisticated in account hijacking, phishing scams and credential theft attacks.
The benefits of hybrid systems
Despite all the concerns surrounding the cloud, there’s no denying its advantages, and companies will continue to want to enjoy the benefits of the cloud while also addressing its major concerns.
In this regard, one of the solutions that is gaining traction is that of hybrid systems, where companies can divide different components of their IT systems between the cloud and their local servers.
One of the best places where hybrid systems are answering the concerns of organizations are authentication technologies, where companies use their own in-house servers to store and manage users’ identities and use the cloud to store and manage data.
There are distinct benefits to this hybrid approach. First, you get to choose the authentication technology of your choice, such as secure, multi-channel passwordless identify verification that will give you both security and ease of use. Identity servers can be set up in-house with minimal IT resources and in a cost-effective way.
Also, moving data to the cloud will enable you to take advantage of the vast resources of the cloud, relieving you of the IT and cost overhead of running your own large data centers. Meanwhile, having user identities on your own premises will enable you to use secure solutions, where data is encrypted in the cloud and encryption keys stored on your own servers along with each user’s identity. Interestingly, the combination of cloud and on-premise addresses nearly most of the concerns mentioned above, especially where security and privacy are concerned.
The cloud will continue to evolve and iron out its security and usability kinks. But on-premise is also here to stay. Bringing them together will give you the best of both worlds.
Air Gap Network Multi Factor Authentication
Air Gap Network Multi Factor Authentication
The Ultimate Solution For Credential Stuffing Attacks