Cloud services are comprised of two opposing philosophies and implementations: public vs. private. Public cloud services are those we’ve come to know as common, such as Dropbox, OneDrive, Google Drive, and DocuSign, just to name a few. The primary issues with public cloud services are that consumers are unaware of data storage location and precisely who might access the data.
Furthermore, public cloud providers are focal points for hackers due to the amount of data and accounts they store. In 2016, Dropbox disclosed it had been hacked in 2012 to the extent of 68 million email addresses and passwords. Another example is the widely publicized DocuSign breach of May 2017 which led to a targeted email malware campaign.
The question to ask is, “could a breach of my data affect any of my customers or vendors?” In most if not all cases, the answer is “yes”, which makes the public cloud an unviable solution for storage of most types of information. It is widely held that compliance, whether regulated or voluntary, is sound business practice, a demonstration of due diligence, and mitigation of legal liability.
In contrast, private cloud solutions allow the consumer to:
1. Be a smaller and thus less enticing target for hackers
2. Know precisely who has access to data
3. Know precisely where data resides
4. Control security
5. Choose from various pricing models (owned, as-a-service, etc.)
Private cloud solutions consist of equipment which resides in the consumer’s premises or that of a trusted, local provider. The conveniences of private cloud computing are the same as public cloud, including remote access to data over the Internet, remote sync, remote drive, and remote desktop.
The common argument against private cloud services is cost and maintenance of hardware. Although this is true with respect to email services, organizations can actually enjoy lower costs for document storage and application hosting when using private cloud services.
Contact Technical Framework today for a no-pressure consultation on how you can implement secure, compliant cloud services for your organization.