Blog Feed Post

Security & Data Backup in the Cloud: The Basics

Cloud Security

Cloud Security

Every month major corporate and governmental sites across the world are hacked for various reasons: faulty security protocols, badly administered firewalls, vulnerability to malware etc. The truth of the matter is as business owner your sensitive data, be it financial figures or customer invoices, is not safe behind your current security measures. Moreover, the data backups which you perform (you do regularly backup your data, don’t you?), even though they are most likely stored on an external password protected hard drive, are not taking place often enough nor are they kept behind stringent enough security measures.

The reason for your lack of security is simple: you are attending to more pressing matters. You have a business to run and the last thing on your mind when you are trying to ship 10 tons of cargo across the Pacific Ocean is what your external hard drive is or isn’t doing. So we have a question for you, what if you could be sure your data was secure? What if you could hire a company to monitor and backup your secure data on a bit-by-bit basis because it’s their job. When you decide to virtualize your data with a secure IT Integrator, you get exactly that. (For a short casual conversation on Cloud Security with FortressITX Director of Managed Services, Louis Ardolino click Cloud Security).



Before we go any further the first thing which has to be mentioned is the importance of an onsite datacenter. Your Cloud provider must have their own datacenter where they store all your information securely. If they don’t, you are paying your IT integrator to outsource your data to another IT integrator. Bad idea. If your IT company has to pay another company to manage your data, how secure can everything really be?

With that out of the way, let’s talk about security. Within the Cloud, security concerns are generally grouped into three key areas: Security and Privacy, Compliance and Legal. For the sake of this conversation, we are going to speak to the most pressing of the three, security and privacy.

Security is a Two Way Street

Security in a Cloud environment is a two way street involving your IT integrator and the customer (you). For your IT integrator security means protecting and locking down all of your secure data within their datacenter and protecting your server with firewalls so only you have access to it. It means deploying stringent firewalls to ensure traffic going in and out of your Cloud is of a non-malicious nature and it means protecting your data and applications via software, web application and hardware firewalls. Conversely for the customer, security in the Cloud means using an IT provider who is committed to maintaining stringent security measures in both your Cloud and onsite LAN (local area network).

One of the most common mistakes for companies entering the Cloud is forgetting to secure their physical location with firewalls. Although you have chosen to virtualize your data, you still have to maintain security protocols on your desktop and throughout your physical office. It’s great that you have chosen to virtualize your data with a security focused Cloud provider however if you don’t install a firewall across your LAN, your desktop can still be hacked compromising your data.

Now that you have secured your LAN and virtualized your data into a Cloud environment, we have to talk about VPN’s. A VPN (virtual private network) allows you to establish a secure direct connection between your office and your private Cloud by utilizing tunneling protocols and various encryption measures. The benefit of a VPN is very simple: a secure impenetrable connection between your physical location and your private Cloud. For small businesses with sensitive information, there is no better Cloud security platform than a VPN.

To ensure security, IT integrators provide their customers with software, web application and hardware firewalls. Software firewalls are designed to protect the programs you use on a daily basis against any viruses. Common examples of software firewalls are Comodo, ZoneAlarm and Norton.

dotDefender Diagram

dotDefender Diagram

Whereas software firewalls are designed to protect the software you use, web application firewalls are designed to protect websites you visit and Intranet applications you use against hacking and web application attacks moving both in and out of your Cloud. To combat XSS and SQL Injection attacks, excellent IT integrators supply their customers with web application firewalls such as dotDefender, ServerDefender and Trustwave.

Although software and web application firewalls are great and highly needed, for truly effective security on multiple servers, a great IT Integrator will deploy hardware firewalls like Cisco ASA-5505 or Dell SonicWall. The major difference between a software firewall and a hardware firewall is a hardware firewall is specifically designed to monitor an entire internal network by separating all incoming and outgoing data packets. Whereas a software firewall monitors one or two servers, a hardware firewall polices an entire network of servers, or, an entire Cloud.

Now at this point you might be asking yourself, Ok, but aren’t there different types of Clouds, Public and Private? How does security work? Good question.

Think of a Public Cloud as an apartment building. Within your building (Cloud) there are many apartments filled with all sorts of people (tenants). Just like with a good apartment building, there are multiple levels of security, i.e. a doorman and personal door locks. This is done so no one can get in from the outside that shouldn’t be there and tenants can’t enter someone else’s apartment. A Public Cloud is the same way. An IT integrator will install firewalls and various security measures when deploying your Cloud to keep outsiders out (doorman) and will install personal firewalls to make sure no one in your Cloud can get into your apartment (door locks).

It has to be mentioned though, just as a door lock can be picked for access, so can your Cloud VPS. In reality gaining illegal access to your Cloud VPS (hacking it) is something to worry about however a good set of network monitoring, ids (intrusion detection system) and spam monitoring, like the kind DedicatedNOW deploys, will detect these break in attempts and stop them before causing any damage.

Private Cloud. A Private Cloud option is tailored differently than a Public Cloud. In a Private Cloud, the firewalls are tailored to you and your company. Within a Private Cloud you control every aspect of your security because the firewalls deployed are dedicated to you and no one else. You are alone in your Cloud meaning greater security control and a more focused security concern on outsiders.

In a Private Cloud you worry about outsiders, not fellow tenants. Due to this within a Private Cloud, it is vital your IT integrator has rigorous initial security hardening measures and continues to use them while the Cloud is deployed.

Another aspect of security in the Cloud is data backup.

Security is Great but Data backup is Essential

True data backup. If you are like most people and small businesses, you back up your data via a password protected external hard drive with a capacity limit that is always connected to your PC (Ex. A 500gb Seagate).

Seagate External Hard Drive

Seagate External Hard Drive

As you work, your computer runs scheduled backup syncs on a daily/weekly basis. If one day your computer happens to crash due to malware or a Trojan Horse virus, because your data backups are daily, you still have your information. This all sounds wonderful right? Well, here is the thing, one, your password can be hacked. Two, your external hard drive, like your PC, can crash or become corrupted causing complete loss of data. Three, you might back up a corrupted file containing the very virus which caused the crash in the first place. With a Cloud integrator, this issue is no longer yours to worry about.

By virtualizing your data into the Cloud, part of your IT integrators job is to constantly monitor and manage your data. As previously mentioned, data backups for most people means an external hard drive with a capacity limit which may or may not be password protected

Think of your IT Integrator as your own custom virtualized Slomin Shield. When you enter into a contract with Slomin, the representative you speak with will ask you about your home and what security measures you want to install. You want an alarm? Ok. You want cameras around your home? Check. By entering into a fully virtualized Cloud infrastructure, like Slomin, you can custom tailor your data backup needs.

For example, you’re a growing investment firm with an in-house server allowing for 1 terabyte of data running on RAID (Redundant Array of Independent Disks) 5. Your growth means you’re going to need more storage capacity, speed and redundancy. By virtualizing your data and entering the Cloud, your IT integrator will assess your current set up and work with you to build your personal Cloud infrastructure.

Whereas now you have 1 terabyte of data running on RAID 5, your IT Integrator will custom tailor your needs to supply you with 3 terabyte’s of storage running on RAID 10 (English translation: A lot of storage capacity running very quickly with full redundancy and fault-tolerance). Fault-tolerance is a key term. It means if one of drives fail, the information in your other drives is still alive and well however this does not substitute for true data backup.

It has to be mentioned, SAN data security is extremely important. How a SAN provider prevents other people from accessing your data – if they data is encrypted, how authentication is done – as an extremely important details when choosing a Cloud provider. What happens if someone gets full access to the SAN? Can they correlate the data with a customer? Can they see all the data? What prevents hackers from getting full access? Is data available on a public network, a local network, a hosted network? These are all things that need to be considered when moving into the Cloud.

True data backups require continuous data protection (CDP). CDP means just that, continuous. Unlike most external hard drives which perform data backups as a scheduled event, CDP backups operate as bit-level disk-based data protection. This means, “rather than reading and backing up individual files, CDP backs up data on a bit-by-bit basis…capable of providing hundreds of individual recovery points per day, scheduled as frequently as every 5 minutes.”

So now you know about data backup but you’re asking yourself, “honestly, do I really need to back up my data?” In a word, yes. Imagine falling asleep one night in your apartment without locking the door because you chose to forgo buying a lock. Come the morning, all your things are gone. Not fun.

Password Hacker

Password Hacker

Now imagine the same with your business data. You go to bed and come the morning because you chose not to back up your data within a secure infrastructure, hackers cleaned you out. Not fun. You need data backups because in this case, Mom’s old adage of “better safe than sorry” is spot on but how many data backups do you need?

Although the answer varies, depending on the nature of your company’s data, ensuring two backup sources for all critical data is a minimum requirement in protecting the vital data that your company has spent thousands, even millions to build and maintain.

Now that you know all the ins and outs of security in a virtualized setting, look to this space in the future for more in-depth posts regarding everything Cloud.

























Read the original blog entry...

More Stories By DedicatedNOW Blog

DedicatedNOW is committed to providing highly reliable services that are unmatched in the industry. All its tools and resources are designed keeping the users in mind.

Latest Stories
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
We all know that end users experience the Internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices – not doing so will be a path to eventual b...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Services at NetApp, will describe how NetApp designed a three-year program of work to migrate 25PB of a major telco's enterprise data to a new STaaS platform, and then secured a long-term contract to manage and operate the platform. This significant program blended the best of NetApp’s solutions and services capabilities to enable this telco’s successful adoption of private cloud storage and launchi...
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, will go over the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, applicatio...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous a...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, will lead you through the exciting evolution of the cloud. He'll look at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering ...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere delivers a more modern architectural approach to storage that doesn't require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbui...