Many organizations still believe that on-premise is more secure than cloud. The reason for that thinking is that they can walk into their server room, see all the equipment, see the lights blinking, touch the cables, and say: "My data is here!"
Now, they're moving to the cloud, and suddenly, the equipment fades away, their data is somewhere in the cloud, and they're thinking, "Is public cloud secure enough to store my data?" And that’s because they have less control.
It's a fair question to ask.
But here is what I always say to those clients: Public cloud, if configured well, is more secure than on-premises. But if misconfigured, your data is on the street.
So why is that? These hyperscale cloud providers are intrinsically motivated to build the most secure and scalable platform available. They want to host many customers worldwide, so if their platform is not secure, it will kill their business case. They are invested in having the most secure platform.
The second reason a public cloud is more secure than on-premises is the security teams that monitor it 24/7 at these hyperscale cloud providers. They can quickly locate and respond to security incidents and then roll out these security improvements worldwide.
Let me give you an example. If something's happening in Azure Australia, here in Europe, we're sleeping; it's the middle of the night, but in Australia, something's going on with Azure. They will remediate that incident. They will even push out an update across Azure worldwide. So here in Azure West-Europe, we get these security benefits as well, while even sleeping.
So by joining a hyperscale cloud provider, we are falling under the protective umbrella of their cybersecurity teams.
So, first, they have a vested interest in building the most secure platform available. It’s their core business. Second, they have 24/7 SOC teams that are always up-to-date, keeping track of what's happening and publishing these updates worldwide.
So, a local security incident triggers an update for the whole global ecosystem. That’s one of the benefits.
Conclusion
So, to wrap up, why is a public cloud by default more secure than on-premises?
Because these hyperscale cloud providers are vested in building the most secure platform, it’s their economic engine and whole business.
They monitor what's going on 24/7 worldwide. You can benefit from the updates from the other side of the world. So that is the protective umbrella of a hyperscale cloud provider.
All I just said is one half of the story.
Yes, the hyperscale cloud provider is responsible for building the most secure platform they can. But on the other hand, you are responsible for configuring that platform as securely as possible. So with a misconfiguration, your data is on the streets. But if you configure it well, it is more secure than on-premises.
How do misconfigurations happen? Well, that is something for another video.
Have a wonderful day and see you next time.
Jetro
I Strengthen Cybersecurity Management, Compliance, and Resilience for European Organizations
Result: Lower Risk 🔸 Greater Peace of Mind 🔸 Business Continuity
Share this post