The grade school message that "sharing is caring" may apply on the playground, but in today's business landscape, it's only natural to be a bit selfish - especially when it comes to the protection of your company’s vital data and applications. This is what's so puzzling about the concept of public cloud storage and computing services. Many companies seem to uphold a double standard about the privacy of their business information. You wouldn't let your competitors sit in on an executive board meeting, so why would you think twice about letting your data be stored and processed on someone else's drives and CPUs?
Recent data security cases involving Target, the NSA, Google -- and even Microsoft -- have created heightened awareness among executives to clearly understand the environment that houses their business critical data. A consistent IT strategy regarding data and application types, along with what type of environment is assigned to each, is necessary for proper security and control.
Organizations Recognize the Value of Privacy
When cloud computing first came on the scene, the hype surrounding off-premise public storage was perfectly warranted. If you were in need of quick computing solutions, the cloud offered a simple and cost-effective way to leverage necessary resources without being forced to invest in clunky and potentially burdensome physical assets. Those advantages remain a key reason why cloud adoption is growing at higher rates than analysts predicted; however, that aggressive growth rate is primarily found in private cloud services. A recent eWeek article highlighting a study from Research Now, sponsored by CTERA Networks, found that nearly two-thirds (63 percent) of respondents preferred private cloud storage configurations to their public counterparts.
"Enterprises are seeking ways to capitalize on the benefits that cloud storage can provide, but not at the cost of losing control of their data,"Rani Osnat, vice president of strategic marketing and customer experience at CTERA, reportedly said in a statement. "This independent research validates what we have been hearing from our customers: a clear preference for a platform they can manage and run using the infrastructure of their choice, with both enterprise-grade security and compelling end-user experience."
Set Higher Standards to Meet your Enterprise Needs
So why are organizations still selecting public and hybrid cloud options for their enterprise applications? The problem is that many business leaders don't understand the differences in cloud providers and the transparency needed when it comes to leveraging cloud solutions. They fall for the hype that public and hybrid offerings are market-tested options and therefore fine for enterprise data.
IT and executive buyers should expect transparency from their cloud provider, including protocols, certifications and security affecting their data centers. In this video, Tribridge Concerto Director of Operations Peter Schmied explains that decision makers should go beyond an overview of features when it comes to cloud security with some key questions:
- What does the offering include regarding industry specific compliance certifications? (examples: PCI, SOX, HIPAA)
- What levels of security are provided for data encryption and authentication protocols?
- How do you deal with compliancy needs on a per cloud customer basis?
- What type of forensic and evidence gathering solutions do you offer?
- What resource isolation mechanisms are in place to ensure confidentiality and privacy within the cloud infrastructure as a whole?
Tribridge Concerto Cloud Services recommends that organizations ensure privacy for sensitive data in private cloud environments, while taking advantage of public clouds for less critical applications and information. Combined with a consistent IT strategy, a hybrid approach (a combination of public, private and on-premise solutions) delivers the best option for availability, privacy and cost-effectiveness.