When we speak with potential and existing customers, we are often asked to install a server to provide one or more functions, such as a centralized file repository or a host for a centralized application. Many business owners don’t feel comfortable with the concept of storing files or using an application that’s hosted in the cloud. The most common objection we hear is “well if it’s hosted in the cloud then anybody can access it.” This is a common misunderstanding among those who have not compared the risks of on-premise hosting with those of cloud hosting. We often find that on-premise applications lack security controls, which puts sensitive data at risk. In this post, I will also discuss 3 major responsibilities that come with running on-premise compute rather than cloud-provided compute.
1. Patch Management
Patch management is a monthly recurring responsibility in which an IT security expert or IT infrastructure expert regularly reviews vendor vulnerability disclosure announcements, understands the workarounds or software patches that mitigate these vulnerabilities, and takes the necessary measures to implement them. Implementation can mean scheduling downtime (during non-business hours) to install or configure the countermeasure and verifying that the vulnerability no longer exists. Since many of these vulnerabilities may be discovered on many different systems at the same time, they must be prioritized in terms of business risk and addressed in that order. Compliance and regulatory requirements will dictate that these procedures be reviewed and made actionable on a monthly basis, and that a risk officer attest to this.
2. Proper and routine backups
System backups are the absolute last thing that gets implemented in any systems deployment. When did you last test a recovery to operations in a simulated failure, to practice for an outage caused by hardware failure or a security incident such as ransomware?
In an on-premise deployment, backups must be implemented by the local IT personnel and recovery must be practiced on a regular basis, whereas in a cloud offering this is provided as part of the monthly service. Since the vendor provides this as a service, in most audit scenarios you are not required to provide proof of compliance other than retrieving the vendor's proof of compliance.
3. Complex management
We commonly see more than one application providing the same service to the same company. Examples include ACT and Salesforce, Slack and Teams, and Google Workspace and Microsoft 365. These are all cloud-hosted solutions, but we also see multiple redundant on-premise applications, each with its own management console for administrators to learn and run. We can help you streamline your applications so that you save on redundant IT costs.
We can help you move to a cloud-first environment, where your business will benefit from having employees who are remotely located, from reduced IT management costs, and from reduced downtime caused by misconfigurations and security incidents.