Why is the cloud perceived to be insecure?

HomeBlogsWhy is the cloud perceived to be insecure?

Security is one of the most commonly-cited reasons why Enterprise and Public Sector customers are reluctant to embrace cloud computing, notwithstanding the many benefits it offers in other respects.

On the surface of it, it would almost seem that the question doesn’t need asking. After all, the very term cloud implies a degree of opacity – a lack of visibility as to where resources (applications, data, compute, storage, network etc.) are actually located. It would also appear to apply a similar lack of transparency as to who controls those resources – who sets policy, who enforces policy, how compliance is audited, and so on. Furthermore, the fact that access to many cloud-based services can be provisioned through a browser in no more time than it takes to enter an email address and a credit card number adds to the impression that this is not Enterprise-Class technology. It is entirely reasonable for businesses to be wary of the security risks posed by putting “crown-jewels” data assets in the cloud.

Does this mean, then, that Enterprises should simply stay away from the cloud, in spite of its obvious and well-publicized business transformation benefits and economic advantages?

In order to answer this, it is important to recognize that there is actually no such thing as “The cloud”. There are several well-accepted cloud paradigms and for each paradigm, there are multiple (and in some cases many) commercial service providers to choose from. The first thing that an Enterprise must do when considering a move to the cloud is to understand the business goals it wishes to obtain from the migration and then determine which, if any, of the cloud paradigms have the potential to fulfil those goals, while respecting the security considerations we have been discussing.

So what, precisely, is it that Enterprise cloud providers offer that makes their environment more secure, in the sense that we have been using the term, than Public cloud providers?’

Very simply – they do not “cloud” the data. In an Enterprise-class cloud environment, although the compute will be multi-tenant, the data will not. From a data security standpoint, an Enterprise cloud provider will:

  • Physically separate each customer’s data onto separate physical disks, even if using virtual storage solutions
  • Only store that data in data centers known to and approved by the customer for that data
  • Manage the back-up and/or replication of that data in a predictable manner, as set out in either published terms and conditions or a bespoke SLA
  • Provide an advisory service as an integral part of the onboarding process to ensure that the customer’s security requirements are fully understood and reflected in the migration process and the deployment architecture
  • Provide full audit capability at all times so that the customer can ensure compliance with the terms and conditions or the bespoke SLA

To learn more about building your organization’s private, hybrid, public, or community cloud on xStream, please email to Mike.Palmer@colt.net.

Shot of two businessmen using a digital tablet together in an office

Make Do

01 June 2015

Recent posts

Colt claims second place in Vertical System Group’s Ethernet Leaderboard

Following on from the success of coming second in VSG’s 2020 Ethernet Leaderboard, Colt has continued its streak ...
Continue Reading

Colt provides Europe with the Channel’s most capable cables

In partnership with Getlink, Colt will replace the fibre optics that run through the Eurotunnel with cables that ...
Continue Reading

Colt Technology Services brings together SD WAN and SSE features in new integrated full SASE solution

Enterprise security solution underpinned by Versa SASE  London, UK, 28 June, 2022 – Colt Technology Services’ customers now ...
Continue Reading