In the last few years, few technologies have revolutionised enterprise IT the way cloud technology has. A vast ecosystem of cloud-based infrastructure, platform and application providers have made it easier and more cost-effective than ever before for businesses to consolidate and streamline their operations, mobilise their workforces and scale up—or scale out—their computing initiatives. But the rapid growth and incredible diversity of the cloud technology marketplace can cause confusion. Just what is the public cloud and what are the pros and cons?
What Is The Public Cloud?
When it comes to public, private and hybrid clouds, people are typically most familiar with the public cloud. In a public cloud deployment, data is stored and/or processed remotely, on infrastructure operated by a third party provider, rather than locally at the end user endpoint location. Webmail services like Gmail and Yahoo are a perfect example of this. Emails are stored in the service providers’ data centres rather than locally on end user devices and when end users access, search, or sort through their emails, those operations happen on the service providers’ infrastructure as well.
Pros Of The Public Cloud
For businesses, one of the most compelling benefits of the public cloud is the affordability of many cloud services. The economies of scale enable cloud service providers (CSPs) to provide infrastructure and applications at a fraction of the cost that organisations would have to pay for an on-premises equivalent.
The economies of scale—and the customer contracts at stake—also mean that CSPs are usually able to troubleshoot and resolve performance or connectivity problems much more quickly than a typical business’s IT staff could do for on-site deployments. Their businesses depend on the performance of their offerings, after all. Finally, scaling up or scaling out a public cloud infrastructure, platform, or application is usually simple, instantaneous, and, again, cheap—or at least much cheaper than doing the same in-house would be.
Cons Of The Public Cloud
Public cloud technology does have its downsides, many of them related to security and regulatory compliance concerns. Enterprises often hesitate to adopt public cloud infrastructure or applications due to the loss of control over data security that the public cloud entails. At the end of the day, your data is being stored in a third party’s facility and you’ll have little to no control over how your CSP chooses to protect it. The recent data breach headlines have cast much doubt on the security of data stored by even the largest CSPs, especially when it comes to surveillance done by government agencies.
The NSA, for example, was exposed as having compelled several major CSPs, including Google and Microsoft, to turn over customer data without the customers’ knowledge. The NSA also successfully infiltrated Google’s data centres themselves to intercept information as it moved within the Google internal network.
Addressing Security Issues In The Public Cloud
So does this mean the public cloud can’t, or shouldn’t, be used? Absolutely not! The public cloud has allowed enterprises to enjoy unprecedented levels of flexibility, scalability and accessibility, without which they may lose key competitive advantages. Major CSPs like Salesforce, Google and Microsoft already provide high levels of security, and many have beefed up their security even more in recent months, adding additional encryption and authentication measures to prevent breaches.
CSPs’ businesses depend in part on their customers’ trust, after all, and they have stepped up to the task of keeping that trust. Still, where enterprises can add an additional layer of security to their data, they should. In any secure public cloud initiative, encryption and tokenisation will play key roles.
Augmenting CSP-provided data security with persistent encryption that begins at the enterprise perimeter and leaves the encryption keys in enterprise hands will maximise the protection of sensitive data. While Tokenisation replaces a piece of data with a randomly generated “token” that is structurally similar but mathematically uncorrelated to the original values. The tokens can then be transmitted to cloud applications, while the actual data remains in a secure database behind the enterprise perimeter.
Tokenisation helps to maximise the ways an enterprise can safely use public clouds. The public cloud has swept the enterprise, for good reason. There’s a platform or service out there to suit the needs of businesses both large and small, across every vertical. And despite some FUD (fear uncertainty and doubt) around data security, the fact is that solutions do exist to address security objections to public cloud technology. With the proper planning, policy and implementation of encryption and tokenisation on both the client and provider sides, the public cloud can bring dramatic benefits to organisations that use it.