Recently, Secratic Managing Partner, Daniel Ayala, wrote a series of pieces for one of our clients, LabArchives (https://labarchives.com) on the benefits and challenges of securing SaaS systems in the cloud.
This is an excerpt from Part 1 of that series:
Have cloud applications become just as secure as on-premise-based applications?
There has been a strong belief in the past that cloud-based applications are not as secure as on-premise-based applications. While this was once true, cloud security not only remains secure in 2021 but has more benefits than on-premise implementations. See how below.
There is no such thing as “perfect security.” The keys to success are taking the steps possible to secure an application in a way that balances the need to use a system with the mandate to protect the information within it. The security of both on-premise and cloud-based services is nothing without good practices, including security by design in development, testing, operations, and response.
Value Proposition & Challenges
Performance and data protection are both critical when using a system. The use of geographically dispersed cloud services moves the hosting closer to users’ hubs to improve the user experience and reduce latency. It also ensures users can store and access data within a particular country or set of countries as required by data-protection laws or grant requirements. Cloud services bring broad, reliable availability to shape their use to efficiently meet data residency requirements without having to build and staff new facilities.
For a long time, a key to securing a system was direct control over it. That included being in a data centre that could be visited, having a second physical machine act as failover, and having robust, redundant connections between the two devices. Organisations have also invested large sums in data centres located on or near their campuses. However, in some cases, these data centres’ geographic diversity may only be a few miles from each other, on or near the campus itself. The lack of broader distance between them means that if a physical disruption were to occur, then it is likely that both locations would be affected and take out the capability of all systems in the data centres.
A cloud service or software as a service (SaaS) offering is usually designed and implemented in multiple existing cloud data centres, often on opposite ends of the country or continent, without the need for building, occupying, and filling new, distinct data centres. It’s easy to add additional presence with a click of a button, and if there’s an issue in one location, the packets can be picked up by another.
To read the complete article, visit https://labarchives.com/blog.