striking The popularity of cloud platforms has soared over recent years, as businesses everywhere take advantage of the increased flexibility, cost-effectiveness, and apparent data security they offer. According to a recent report, three in five security professionals believe the risk of a security breach is the same or lower in cloud environments than compared to on-premise.
Despite this, however, the cloud may not actually be as secure as people believe. Both cloud and on-premise environments can have equally devastating flaws. Opportunistic criminals are all too aware that many business strategies now tend to favour a shift to the cloud, especially within those organisations – such as large enterprises and government bodies – that they would consider to be high-value targets.
As a result, cloud platforms are being aggressively targeted, and have become key strategic features on the global cyber and information warfare battlefield. The truth is that, although it offers a number of – very real – benefits, the cloud is no safer than on-premise infrastructure, and made less so in migrations that don’t prioritise cyber security.
Visibility and control
Data is, of course, the lifeblood of any business. The intelligence and insight it provides is what gives an organisation its competitive edge. Any conversation around security risks will therefore come down to the protection and control of an organisation’s data, whether on-premise or in the cloud.
So, it’s hardly surprising that, in a desire to retain control over their data, most large businesses simply won’t move it into the cloud. Doing so means they’ll lose visibility of it, which they consider to be a significant business risk. Indeed, apart from the cloud service providers themselves, there are very few £250m+ companies that use the cloud exclusively. Instead, in order to maintain visibility of their data, most organisations operate a hybrid model; part on-premise, and part – mostly public-facing infrastructure – in the cloud.
Corporate networks are becoming increasingly complicated, containing elements of both cloud and on-premise infrastructure. Protecting these networks, and the data that flows across them, requires a security infrastructure that both mirrors and is scalable to their growth.
On-premise infrastructure needs to be strong enough and offer complete visibility over an organisation’s data rates both now and in the future. Likewise, a virtual infrastructure is needed that can be deployed in the cloud, and that can be scaled out on demand, to meet an organisation’s changing demands, expansion plans and future data rates, all while still providing full visibility over its data.
Striking a balance
There is a balance to be struck, one that boils down to classic risk management – business versus security. On a technical level, the cloud is less secure than on-premise. Criminals see it as a high-value target and will attack it more frequently. But its flexibility, scalability and cost-effectiveness are often what businesses need to maintain a competitive edge. On-premise infrastructure, on the other hand, is more expensive, but it does offer organisations greater control over their data, and offers the added peace-of-mind of physical security features.