Choosing The Right Cloud Provider
Security issues have always been a key aspect of business planning; failure to properly protect your assets, your inventory, and your customer data is guaranteed to set a company on a road to ruin.
In the pre-digital age security was reasonably easy to manage, but the introduction of computers and the onset of cloud-computing has quickly expanded the number of weak points in an organisation’s set up, not to mention provided a new opportunity to a different group of would-be criminals.
Make no mistake – cloud computing brings a huge number of benefits to any organisation, but it would be remiss to suggest that it doesn’t also bring challenges. Properly securing your company’s vital data is one such challenge.
That’s why it’s so important to choose a reputable and dependable cloud provider. While lesser-known providers may appeal on cost, a closer look may reveal serious flaws in other areas of their offering such as support, service level agreements, or security.
The Risks of Poor Cloud Security
It seems increasingly rare that a week goes by without news of a data-breach or security hack hitting the headlines – in the last eighteen months alone we’ve seen internationally-recognised companies such as JP Morgan, Ebay, Home Depot, and Target all fall victim, along with countless lesser-known companies and small or midsize businesses (SMBs).
The risks of a security breach are huge. Firstly, there are significant monetary costs associated with disaster recovery, data loss, crisis management, and implementation of new defences. For example, in America most states require firms to notify their entire client database if a breach is suspected, with the costs of doing so estimated at approximately $30 per client.
Secondly, there are opportunity costs with regard to lost intellectual property and loss of customer confidence. This loss can have a knock-on effect across all facets of a company, from shareholder value and corporate stability to business reputation and financial performance.
Alternatively, perhaps a company could find itself on the receiving end of a lawsuit from damages to customers, or there could be an e-business interruption arising from either a security failure or an internet virus.
Who is at Risk?
If you’re an IT professional or Business Development Manager in an SMB, it’s easy to read an article such as this and assume that it will never happen to you or your organisation. In reality, nothing could be further from the truth.
All companies are at risk, no matter their size or their location. For example, recent research suggests that half of all companies that suffer data breaches have fewer than 1,000 employees, while the perpetrator of the attack is equally likely to be one of your most trusted employees or sitting at a computer on the other side of the world.
The solution is using a reliable and secure cloud vendor.
Why Choose Microsoft Azure?
Why should you and your company choose Microsoft Azure over similar offerings from Amazon and Google? It’s an important question to consider, but the answer quickly becomes apparent once you delve into the respective services’ features.
Firstly, there is the issue of familiarity. Windows is comfortably the most-used operating system in the world, and for those users Azure will be quick to learn and understand. It naturally has excellent integration with existing on-premise systems such as Windows Server, System Center and Active Directory, and therefore Azure will be faster and simpler to implement.
Secondly, there is Microsoft’s commitment to a hybrid cloud strategy. Amazon (and to an extent, Google) have typically been somewhat dismissive towards the benefits of on-premise private clouds – and this is short-sighted. For example, lots of businesses need (and want) to keep sensitive data within their own data centres, and will utilise public clouds for other reasons. The ability for Azure to offer this benefit along with a consolidated platform for managing hybrid cloud components makes it the best choice.
What makes Azure so Secure?
Microsoft has always adopted a policy of responsibility when it comes to their Azure offering. In a recent blog post, they explained they had “three foundational pillars of the Azure security infrastructure” – to protect infrastructure, to detect fraud, and to respond to incidents.
Indeed, Azure is designed from the ground up with security in mind. For example, they have a “Secure Development Lifecycle” that seeks to embed security policies into every phase of the software design process. Part of this process is their “Assume Breach” strategy, whereby a product is designed under the assumption that a breach has already occurred, and they have a dedicated team of experts who simulate attacks, thus testing the products ability to detect and protect.
Beyond that, they have an “Operational Security Assurance” offering, which works to increase the infrastructure’s resilience by decreasing the amount of time needed to prevent, detect, and respond to security threats.
Once a product is live, Microsoft offers a global incident response team that is constantly working to negate the effects of any cyber-attack. The team is split in two parts – engineering (who investigate and resolve the issue), and communications (who draft information and guidance for affected customers).
Azure also makes use of the latest technology in the area of encryption and key management. It uses industry-standard protocols for data being sent between user devices and data centres, and includes an option for businesses to encrypt traffic between virtual machines and end users. For data that’s merely being stored, AES-256 encryption is used.
Lastly, their network security will use firewalls, partitioned local area networks, and physical separation to prevent unauthorised traffic being sent to and within their data centres.
If you know your business could benefit from making the jump to the cloud, but are concerned that security could be an issue, you can stop worrying. The simple advice is to make sure you choose an experienced provider that invests heavily in their own back-end security and that is transparent with their customers about what steps they take to maintain client safety.
With this in mind, there is no better choice for your organisation than Microsoft Azure – contact them for more details about what they can offer.
This post is brought to you by Microsoft Azure and Cloud for Tomorrow.
By Dan Price