In 2013 an NSA employee named Edward Snowden allegedly stole documents from the Kunia Regional SIGINT Operations Center in Hawaii and shared them with the world. This alleged data leak raised enormous awareness about the challenges that businesses and governments face when securing their data and intellectual property.
Some of the largest companies in the world have indicated they do not feel comfortable storing intellectual property or sensitive data in a public cloud. Largely, this is due to fear of this information falling into the hands of competitors or other nefarious types.
Business and company data are not safe in typical private data centers. The reason is that most companies rely only on security policies, two-factor authentication, and RSA tokens to secure their systems and data. The truth is, those measures only secure networks from outside penetration. There are many other methods of intrusion and security breaches to be concerned about, as illustrated by the Snowden example.
The advent of secure public data centers created by Microsoft, Amazon, and Google is reducing the demand for private data centers. These cloud-based data centers integrate security measures similar to those used to safeguard our nation’s most private information.
Physical access to these cloud-based data centers is highly restricted. There are several layers of security with increasing levels of sophistication. Being an employee of the company does not by itself allow a person to gain access to these facilities. There must be a legitimate need in order to gain access to the facility. Once someone has passed the outer security measures, access to the inner security areas is then compartmentalized. Much like how our nation’s secrets are guarded, access to a facility does not give one access to all the secrets held within.
Access to areas within the facility is secured by biometric scanners, intrusion detection systems, two-factor security, badge readers, video surveillance, and man traps. Man traps are unique in that they are small, phone-booth- or turnstile-like rooms that can accommodate only one person.
Most private data centers are not secured to this level. Typically, no one keeps track of who has had access to the data center. It may be locked, but gaining access can be as simple as joining an employee tour, or being a contractor pulling wire or making repairs.
Finally, to ensure that data is not leaked via decommissioned systems, all hard drives with highly sensitive information at cloud-based data centers are destroyed after decommissioning via magnets and shredding. These public cloud providers hire third parties to validate and audit their security and processes. This level of scrutiny is rarely matched by private data centers.
In most industrial facilities, a manufacturing data center houses formulations, recipe executions, process information, control system backups and more. These data centers are managed by staff who may have many roles within the organization. This staff is traditionally not dedicated solely to the security and integrity of these data centers, and they generally operate on very limited budgets.
In public data centers, staff are on hand 24/7 specifically to monitor the health of each of the systems, ensure that security measures are maintained, and guarantee that best practices are followed. Staff at the public data center identify failed hardware, leverage technology that predicts failures, and regularly perform proper system maintenance. By contrast, most industrial control software doesn’t receive any regular maintenance after installation.
Many large manufacturing companies operate their data centers with manual backups and rely on local RAID (Redundant Array of Independent Disks) storage for data and system integrity. Although larger, sophisticated system integrators do have state-of-the-art backup and archiving procedures, many do not. Relying on outside agencies for such a mission-critical system should not be standard operating procedure.
In modern public data centers, data is stored not only across drives but also across servers and potentially even across rooms or containers. This data is replicated for high availability and integrity. With the right subscription, your data can be replicated across geographic locations. In a scenario where there is a complete catastrophic failure of a single data center, the data would persist and be available from the redundant facility. There are not many private data centers that have that level of data protection.
Servers, storage arrays and routing systems require large amounts of energy to operate and cool. This isn’t usually a problem when the power grid is cooperating, but when the power fails, these systems become reliant on small UPS devices, which can keep power on only for short outages on the order of minutes. These UPS devices are traditionally in place to allow systems to shut down cleanly and to smooth input power. For longer-term outages, some private facilities may occasionally have local generators. But those generators are often not designed to keep data centers running.
Public data centers are always on. They are powered by multiple sources, including the grid, UPS, and local generators. They are designed to be more efficient and greener than private data centers. Server rooms are built so cooling systems are only cooling necessary server components and not the entire room. This saves huge amounts of energy and reduces the carbon footprint of the facility.
Securing data and safeguarding it against disaster can be costly and time-consuming. Although some companies are afraid that using the cloud to store their sensitive data is risky, the risk of losing data to internal errors, natural disaster, or intrusion may be higher. The cloud offers more security and better disaster recovery options because these public data centers are solely focused on protecting the data stored there. They have the means to consistently update their security measures. Most companies running private data centers on site do not have this luxury. The cloud really is safer than you think.