Square-Off: Is Your Data More Secure in a Data Center or in the Cloud?
It was the big system break-ins that changed the corporate approach to data security, observes Ashley Vukovits, the CFO of Interactive Intelligence Group and one of the debaters in CFO’s latest edition of Square-Off. Not that long ago, she writes, “most people would have answered the question of whether data is more secure in a company's data center or in a vendor’s cloud storage system with a resounding answer in favor of the organized data center” housed within the company itse ..
Just a few years ago, most people would have answered the question of whether data is more secure in a company’s data center or in a vendor’s cloud storage system with a resounding answer in favor of organization’s data center.
Companies hired very smart security people and gave them a fairly open checkbook to make everything secure. Then the hacking began. We all heard the stories from Home Depot, Target, and eBay, and the list goes on. This raised the question: Can organizations really provide the security needed to protect their employee and customer data? Or is it better to trust companies that do it for a living — companies whose business depends on providing a safe, secure environment to house data?
I work for Interactive Intelligence, and we offer a cloud solution for customer engagement using a cloud storage vendor. I believe cloud storage is more secure and the wave of the future.
Increasingly, organizations are turning to the cloud for their own data storage needs by using providers such as Amazon Web Services (“AWS”). Organizations of all sizes and types—even in typically risk-averse industries like banking, health care, and insurance—are making this move. These organizations want to take advantage of the cost-effective, elastic services the cloud can provide.
If you look at the security tools that data storage companies like AWS provide, it’s impressive: multilevel security, hypervisor, security of host and guest operating systems, firewalls, API access, mutual authentication, private keys, and much more. These providers take their security seriously, and they absolutely need to — their livelihood depends on it.
If you house your own data center, there are many questions to consider:
- Do you have the best network and security personnel to protect your data?
- Do they stay current on the latest trends in the industry?
- Do you have a training program for all of your employees on security?
- Do you have external parties review your security practices?
At Interactive Intelligence, we think about these questions every day. We invest extensively in our global security operation since we store our data both on-premises and through cloud storage vendors, as well as customer data in co-location facilities and cloud providers.
Our security team continually trains all employees on what it means to protect the company’s and our customer’s data. We take annual tests to ensure our knowledge is up-to-date and at the forefront of the ever-changing rules and regulations of today’s international security practices. And we spend a lot of time reading and researching the newest techniques and tools to deter the bad guys.
We also spend a healthy amount of money each year to ensure we have the right tools and protection in place. We walk the fine line of having security policies and procedures without making them so rigid that it is difficult to get the job done. Our incident response plan is tested multiple times a year, and we work to ensure we never have to use it. We have begun to encrypt our computer’s hard drives, and require two-factor authentication to access our network. We also go through a multitude of audits, including ISO27001, SSAE-16, PCI, and HIPAA, to ensure we have the best security practices.
The point is, while we believe data storage can be as secure if not more so in the cloud than in an organization’s data center, there are many factors that affect security. Organizations must address security at every level to ensure their data is safe. At our company, we believe cloud storage is secure and that is where we will continue to migrate our data storage.
Ashley Vukovits is the CFO of Interactive Intelligence.