IT Security: Colo Provides a Smaller Attack Surface than Cloud 

February 8, 2016
Cloud , Colocation
Colocrossing company

Veterans of the IT industry know one thing: IT trends seem to happen in cycles.

In the 80’s, centralized computing took shape in the form of mainframe computing. In the 90s, computing migrated towards desktop applications with much of the computing power coming from the desktop PC itself.

In the 2000s, simple applications were deployed using web browsers, ensuring scalability and compatibility with all operating systems. In the current decade, Cloud has accelerated the trend of deploying applications on the webs by allowing developers to spin up architecture in efforts to test out apps.

What happens when your apps reach maturity and it’s time for them to be deployed out to end users?

Can you absolutely guarantee that the public cloud can provide your organization with the security it needs?

DSC_0570 | Colocrossing company Comparing Attack Surfaces: Cloud vs. Colo

Think about the different methods in which your cloud server or cloud services can be accessed. Let’s single out one of the top public cloud providers, Microsoft Azure.

To access Microsoft Azure, you have to setup a Microsoft account that can be based upon an internal email address or an Office 365 address.

This in itself greatly increases the attack surface, considering the fact that all that a perpetrator needs to access your entire cloud infrastructure is your Microsoft account.

Another question you should ask is: What if a critical service such as Azure Active Directory fails? According to Neowin, this exact incident happened in early December of 2015, causing many Microsoft customers to go without access to their data for several hours.

Consider this Scenario: When you host with a public cloud, your servers don’t necessarily need to be attacked. If you rely on a cloud service, such as cloud SQL, cloud Active Directory or others, a failure occurring outside of your organization’s network could impact your company’s ability to make money.

With server colocation, you determine at an administrative level what services are installed on your network. This gives your administrators granular control over the services your business offers to end users and customers.

Administrators can customize the security features to their exact specifications, versus adhering to the security specs given to you by a cloud service provider. This in itself tips the scales to heavily favor using collocated servers over cloud based servers.

One Size Doesn’t Fit All

While many public cloud providers can spin up a virtual machine connected to an SSD array, these virtual machine templates may not give your organizations exactly what it needs in order to operate properly.

When your resources are abstracted, administrators can potentially lose control of their data.

Who is to say that a rouge data center employee won’t discreetly access your account using a service account in order to reduce the likelihood of any red flags being raised? What if a governmental agency asks your cloud provider to perform this very action?

When you host your own infrastructure, with your own Network Attached Storage devices, you can ensure that your organization has the ability to accurately determine who, what, when and how users are accessing company data.

What are you waiting for?

Contact ColoCrossing today to discuss our robust colocation services. With ColoCrossing, you can host your workloads in any one of world class datacenters located all around the world.

Contact ColoCrossing today for a free, no-obligation quote.

 


Jon Biloh
Jon Biloh

As president I'm responsible for developing and executing our global strategy, generating new business opportunities, enhancing the customer experience and ensuring that ColoCrossing provides world class service!