Much has been written on the great debate concerning servers hosted in the public cloud versus colocation versus rented dedicated servers.
With data center colocation services, organizations can know every detail concerning all physical and virtual machines hosted on their network.
The same cannot be said for public cloud, which utilizes whatever infrastructure is available when you spin up a server. You might be wondering: What are some of the other common fears of using public cloud infrastructure for your next project?
Public Cloud Deployments Require Stringent Security Measures
There’s no doubt that the big selling point of cloud is its ease of use. That can be a detriment for some organizations, given the fact that many businesses will setup applications and use the out of the box settings. This can lead to serious ramifications that can allow novice hackers to gain access to your systems.
This was evidenced in 2013 when BusinessWeek reported upon a hacking competition in which virtual servers were deployed on Amazon Web Services with all of the default settings. A novice computer security student named Gus Gray was able to gain administrator access onto the VM that was configured with default settings.
Gray went on to win $5,000 from CloudPassage for discovering this exploit, which took him all of 4 hours to find. The aspiring computer security engineer said that he would use the money to fund his education.
Cloud is such a new technology and many organizations are unaware of the security concerns associated with using public cloud. Before diving into public cloud, both physical, virtual and environmental security audits must be conducted in order to meet compliance standards within specific industries.
Although rigorous security measures must be in place, businesses still have to fear the unknown. One of the biggest fears for public cloud is an attack that allows a hacker to execute code that impacts other virtual machines hosted on the same hypervisor.
Evidence of such an attack occurring has never been documented, however, it is imperative to note that this is one of the biggest fears of security analysts whom have skepticism concerning public cloud security.
Evaluating Your Risk with Public Cloud
While public cloud may seem like an attractive option from a cost perspective, there could be hidden costs down the road in terms of securing your cloud.
Dedicated servers can be considered more secure in many regards, considering the fact that your organization can either lease an entire server or colocate in a data center near your office and have physical access to the servers if needed.