Square-Off: Is Your Data More Secure in a Data Center or in the Cloud?
It was the big system break-ins that changed the corporate approach to data security, observes Ashley Vukovits, the CFO of Interactive Intelligence Group and one of the debaters in CFO’s latest edition of Square-Off. Not that long ago, she writes, “most people would have answered the question of whether data is more secure in a company's data center or in a vendor’s cloud storage system with a resounding answer in favor of the organized data center” housed within the company itse ..
How would you like it if customers had to log in at your e-commerce site over and over during the same session? Or if you couldn’t tell where site visitors were from? What would you think if you sounded as if you had a speech impediment during a streaming-video press conference?
Those are just a few examples, among many, of the troubles that could befall companies for a period of days, weeks, or even months sometime during 2011 if they don’t act soon to reconfigure their public-facing Web servers.
The source of the problem is the impending exhaustion of the unique numbers (or addresses) within the long-established Internet protocol that Internet service providers (ISPs) assign for every Website and most connected devices.
Sometime next year, the global Internet Assigned Numbers Authority (IANA) and its five regional authorities will run out of the approximately 4.3 billion numbers in the Internet Protocol Version 4 (IPv4) address space. When that happens, ISPs will begin receiving numbers associated with the successor protocol, IPv6, to dole out to customers.
Unfortunately, a computer with an IPv6 connection will not be able to communicate directly with an IPv4 Website. ISPs are likely to provide gateways allowing such access, but a connection through a gateway probably won’t perform nearly as well as users have come to expect, says John Curran, CEO of the American Registry for Internet Numbers (ARIN), which provides IP numbers to ISPs in North America.
Websites with complex customer-care or e-commerce capabilities and those providing video streams are particularly at risk. “We don’t know how well those things are going to work with customers coming in through a gateway,” says Curran. “It should be a high priority for companies to assess whether they should get an IPv6 connection.”
Reconfiguring servers to accommodate IPv6 traffic doesn’t necessarily entail a huge amount of labor but could require time-consuming coordination with other parties. In addition to ordering new Internet service from the ISP, which will have its own reconfiguration work to perform, the company will have to work with any outside contractors that provide applications for the Website.
Given cooperation from its ISP, a company that has very well-designed Web applications, does everything in-house, and knows how everything works could probably turn on IPv6 quickly even if it is caught off guard. “But most companies aren’t like that,” says Curran. “You have to explain to contractors what you want done and wait for them to give you a quote and do the work.” In addition, old firewall equipment may have to be replaced.
ARIN does not know exactly when the supply of IPv4 numbers will run out, but says it will certainly happen in 2011. That means the time to make the necessary changes is growing short. For large companies with many public-facing servers and complex Websites, the process could well take months, according to Curran.
Most companies haven’t yet placed a high priority on performing the reconfiguration, though. Companies are conditioned to think of technology adoption in terms of the incremental return on investment it will deliver. But IPv6 predominantly solves one problem: the exhaustion of IPv4 numbers. “The demand curve will go from 0% to 100% on a very steep ramp,” says Curran.
A hasty upgrade may be a more costly one, says Martin Levy, director of IPv6 strategy for Hurricane Electric, a global Internet network provider to large organizations, including ISPs. “You can either do a planned, careful migration, or you can do it in a panic,” he says. “And you should know full well that panicking is more expensive.”
Levy adds that he can even see a company slow to upgrade to IPv6 losing out on certain deals with potential customers or partners who will make running the new Internet protocol a condition of doing business.
Of less concern for companies, for now, is connecting to IPv6 Websites from IPv4-configured computers. Hardware, like Websites, can be reconfigured for IPv6, but there is not yet any urgency to do so, says Curran. Since most Internet traffic will continue to be IPv4 for some time, it will be imperative for commercial Websites to continue offering IPv4 connectivity even if they also enable their sites for IPv6. While new Websites won’t be able to get new IPv4 addresses starting next year, many companies will employ a process called network address translation to effectively hide multiple computers behind a single IP address in order to free up addresses for Websites.
But over time, as new companies are born and are able to get only IPv6 addresses for their Websites, other companies will have to reconfigure their hardware to access those sites. There could be a key triggering event. Say, for example, in two years the next big Internet phenomenon bursts on the scene that companies will want to tap into, à la Twitter. “If your IT department has not upgraded your network, it’s going to be difficult, if not impossible, to access that,” notes Levy.
Meanwhile, the supply of IPv6 addresses will not run dry — at least not for a very long time. The new protocol has space for 340 undecillion unique addresses. That is a 39-digit number. If all of the IP numbers in use today equated to the size of a golf ball, the IPv6 address space would be roughly the size of the sun, according to Curran.