How Cloud Computing Companies Make Their Data Centers Hacker-Proof

Cloud computing naysayers have long cited security and privacy as their number one concerns. While more and more companies are adopting cloud services, many corporations and small businesses are still hesitant to embrace the cloud because of concerns about lax security and hacker attacks.

Companies like Microsoft, Google, and Amazon claim to have extremely strong security and have never reported a major security breach. But smaller companies like Dropbox and Zappos have, but the breaches were typically due to internal programming bugs. The question is, should consumers believe that their data is safe with major cloud players? Can cloud computing giants really deliver on their security promises? The answer, in most cases, is a resounding yes.

The largest U.S. data centers are almost always certified by the federal government under programs like FISMA and SAS 70 Type II certification. Cloud companies that hold these designations have implemented physical and cyber security measures.

Data center security starts with physical security. Large data centers typically employ a sizable number of armed guards, as well as technological measures such as high-resolution video monitoring, motion tracking, and analytics software, biometric and/or electronic keycard locks, and extremely strict policies on who has access to servers and other sensitive equipment. Employees are also subject to background checks and screenings as thorough as possible for non-defense organizations.

Companies employ multiple methods to ensure data security. These typically include both data/disk encryption and “data obfuscation,” a process in which even unencrypted data is made illegible to humans and standard computer programs. Obfuscated data is only rendered in clear text or images once it is relayed from the server backend to proprietary frontend interfaces, such as Gmail, Hotmail, and QuickBooks Online. Companies also go to great lengths to ensure physical data security. Deleted data is destroyed using complex wiping algorithms and then overwritten by other real data. Discarded hard drives are physically destroyed, rendering data recovery impossible.

At the network level, cloud companies deploy both human analysts and highly complex algorithms to analyze network packet traffic and look for any anomalies. Suspicious packets are automatically dropped and IP addresses blocked if necessary. Most companies also employ complex security protocols that require any service contacting data center servers to possess a uniquely assigned internal identity. If a network query cannot identify itself as a legitimate request from an internal service, then the connection is terminated. Other network security measures include complex, multi-level routing to detect and block malicious activity, and advanced firewalls.

At the operating system and physical server level, companies typically develop their own flavours of Linux or UNIX which are unknown outside the company, almost impossible to target with malware and viruses due to both software security measures and their obscurity, and constantly updated. Servers are also only accessible by authorized employees with unique identification numbers, and all activity is logged and monitored by both automated software and human supervisors.

Overall, data center security is extremely sophisticated and constantly evolving, leaving virtually all hackers in the dust and making it all but impossible for internal employees to inappropriately access customer information. No contemporary computer system can be completely secure, but most businesses’ data is far less secure on their own servers and computers than it is in a federally certified data center.

By Robert Shaw

About Robert

Robert Shaw was an early entrant into the cloud computing sector, working as a consultant for Accenture on server virtualization and software-as-a-service migration. He has also been a technical editor for eHow and other web properties and still provides local IT consulting services.

View All Articles

Sorry, comments are closed for this post.

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the information and process needs of its workforce and its customers. However, data suffers from a likability crisis. It’s as essential to us as oxygen, but because we don’t see it, we take it for granted.…

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in mind when implementing an ERP system. But do you know if cloud-based or on-premise ERP deployment is better for your company or industry? While cloud computing is becoming more and more popular, it is worth…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…