In the latest installment of our Virtualization of Work Blog Series, today we look at some of the common cloud misconceptions. As we work with clients to facilitate the virtualization of their work, the issue of migrating data from physical, on premise servers to a cloud provider often comes up early in the process.
If you are not already using some form of cloud-based service to support day-to-day business operations you probably will be soon. Cloud computing refers to a process of “sharing resources to optimize performance.” When the term ‘the cloud’ is used, it is often in reference to software and services that run on the internet, rather than locally on your own computer or servers.
As with any technology, there are advantages and disadvantages but looking at the world today and where it is going, the cloud is fast becoming a “necessary business driver.” So, here are a few myths about the cloud, along with the requisite myth busting.
Cloud misconception #1: The cloud is inherently insecure
False. Leo Reiter (CTO of Nimbix) explains that “cloud providers live, eat, and breathe network security while most other organizations don’t usually list it as one of their core competencies.” Cloud computing allows users to benefit from basic economies of scale: lots of users paying means that cloud service companies have the resources to invest in security in a major way.
Cloud misconception #2: Data stored in the cloud is somewhere in the internet with no physical location.
Not quite. When data is stored in the cloud, it is actually stored in a physical location. Files are transferred via the internet from your computer and stored on a server (or more likely servers) located somewhere far away, but very much physical in nature.
Cloud misconception #3: physical control of data implies security.
Not so fast. Just because your servers are located in your office and you can physically see them, should not imply security of data. Experts explain that overemphasizing the physical location of servers can divert focus from more pressing factors that impact security, such as human social weaknesses and malware.
Cloud misconception #4: Data is more secure if physically stored in Canada.
Also false. Any data stored in a cloud service owned (even indirectly) by a US organization could be accessed by the US government, regardless of where the data is stored. Additionally, if the data has been emailed or transferred via the internet, it may be intercepted by the US government (an estimated 90% of Canadian internet traffic is routed via the US). Note also that the Canadian government has very similar powers to the US government with respect to accessing your data.
Regardless of which country the cloud server resides, sensitive data should be protected while in cloud storage as well as when it travels over the internet. Such data should be properly encrypted (e.g. using AES-256) while in storage, and be protected by Transport Layer Security (TLS or HTTPS) while in transit.
In short, the cloud is neither a perfect panacea for business solutions, nor is it the unknown, unsecure, mystical place described by skeptics. As always, the truth lies somewhere in between.