By Carl Mazzanti, eMazzanti Technologies President
An increasing number of small, medium, and large businesses are embracing cloud computing or the delivery of computing services over the internet. Cloud technology can offer faster and more reliable application updates with greater flexibility and economies of scale since businesses only pay for the cloud services they utilize while new features can be purchased on an as-needed basis. But cloud providers can also place a digital target on the back of sensitive data, putting it at risk of a hack.
One of the many arguments in favor of utilizing cloud computing is that a business can generally avoid the upfront and ongoing costs of purchasing and maintaining assets like servers, storage, databases, networking, software, analytics, and intelligence. Cloud providers set up and maintain the necessary hardware and software on data centers over the internet and, as such, can easily scale a client’s cloud computing power or software up or down when needed. One example: during the first months of the COVID-19 Pandemic when large gatherings were banned, the NFL’s cloud computing partner rapidly scaled up its resources so the league could safely and efficiently conduct virtual drafts, with more than 100 live feeds running simultaneously.
Besides scalability and potentially lower upfront capital costs, there are plenty of other reasons to go with a cloud provider. A cloud computing environment can offer improved reliability with efficient data backup, disaster recovery, and business continuity services and data will be mirrored (or copied) in multiple sites on the cloud provider’s network. Further, reputable cloud providers can offer robust policies, technology, and controls that help protect data, apps, and infrastructure from potential threats.
The challenge is that all cloud providers are not equal, so business owners should “trust but verify” a potential or existing cloud provider. Today, cloud services are where all the data resides. So even a well-meaning cloud provider may unintentionally serve as a “honeypot” for cyber criminals who could crack a single digital “safe” and quickly access reams of potentially valuable passwords, personally identifiable information, and other data.
So, it is crucial to verify a cloud provider’s claims, ensuring the particular provider can successfully meet the security and other needs of the business — but business owners should be aware that this can require some digging. Start by scouring the contract and confirming what exactly the provider is promising. Does it say they will move your information into the cloud and secure it? Or does it just say they will move it? Simply guaranteeing data transfer is like contracting with a moving company to transport your household goods, only to find it all dumped on the lawn of your new house because the agreement did not specify that they would place the goods inside the house.
An additional essential step is to determine who verifies the provider’s claims. For starters, a company that performs services should not be the one that is checking them. Instead, a best practice is to ensure that a qualified independent third party reviews the provider’s cyber practices. Also, it is a good idea to consider whether the provider’s cloud architecture, standards, and services all mesh with your business’ workload and management preferences. And find out whether a significant amount of re-coding or other customization will be necessary to align your business’ legacy data and programs with the cloud provider’s platforms.
Cloud providers often point to how they can safeguard your sensitive data — and it is valid as long as the provider’s cyber defenses are as robust as claimed. Short of having an ethical hacker check them out, a would-be client can take steps like inquiring about the provider’s network of secure data centers. A provider that maintains multiple regularly upgraded data centers will likely offer more benefits — such as the latest generation of fast and efficient computing hardware, reduced network latency for applications, and larger economies of scale — compared to one that operates only a single corporate data center.
Cloud computing can deliver potent benefits to businesses of all sizes — but business owners should also be aware that the migration may be intimidating. Working with a trusted IT services consultant and taking steps to gain a good understanding of the issues involved can make the process smoother and ensure that your data is efficiently migrated and safely maintained.
Carl Mazzanti is the President of eMazzanti Technologies – a firm specializing in Cyber Security