As a system administrator, I have worked with both on-premises and cloud-based systems to support business operations, and I can definitely say that I have certain preferences and observations regarding all types of environments.
The “old way” of only having on-premises data centers isn’t dead yet, and I believe a hybrid formula could be a strong option for mixing and matching what works best. That doesn’t mean there aren’t any pros and cons to on-premises and cloud security that need to be identified and analyzed before deciding which is best for your business.
Security benefits of on-premises networks
Reduces monitoring and field personnel security risks
On-premises systems can be verified to be physically secure because they are likely to be inaccessible to IT and security personnel, and badge readers, surveillance, and cameras can be deployed to ensure that only appropriate personnel can access them.
“One of the advantages of the on-premises environment will always be that if a customer has unique or specific requirements they can implement them on-premises, whereas most cloud vendors have, accept, or drop standard security processes and tools.” said Dominic Sartorio, Actian’s senior vice president of product.
SEE: Tackling cybersecurity risks for law enforcement: On-premises and cloud-based systems (TechRepublic)
According to Manikandan Thangaraj, vice president of ManageEngine, the enterprise IT management division of Zoho Corporation, the nature of on-premises networks allows for a well-defined security perimeter to protect themselves from the unique attack techniques used on them.
“In-house security deals with the deployment of tools that require all network traffic to be routed through physical security tools located on network facilities so it can be monitored and analyzed to mitigate security risks,” Thangaraj said. “When users want to access network resources from a remote location, they have to use VPNs whose usage is monitored by traditional security solutions.”
Equipment management is carried out on-site
In addition to the safety benefits of on-premises environments, equipment can also be easily repaired and replaced by known, authorized personnel. In addition, safe destruction of hard drives can be arranged by in-house technicians to verify that company data has been completely cleared from these devices.
Network traffic is kept within the network perimeter
Best of all, users do not depend on wide area network connections to access company resources – these WAN connections are only required for traffic to and from external customer or business resources. Traffic is kept within the network perimeter with less risk of spoofing or compromised credentials.
Disadvantages of on-premises network security
Taking advantage of the many benefits of on-premises networks requires adequate in-house employee resources for installation and maintenance, and also requires sophisticated technical know-how to maintain proper security.
Unlike cloud resources, which can be geographically redundant, a single site represents a single point of failure or attack from a distributed denial of service malicious actor. Also, the cost for on-premises operations is often significantly higher than for operations in the cloud.
Security advantages of cloud networks
Vendor security teams save time for in-house staff
Cloud advantages are often the opposite of on-premises disadvantages. In short, cloud providers are subject to a strict set of security standards that internal staff may or may not be appropriately aware of. The cost is more affordable, and private cloud security staff can secure data and resources from their side, freeing up in-house staff for more relevant and business-focused tasks and projects.
SEE: Top 6 multicloud security solution providers of 2022 (TechRepublic)
“I will frame this discussion with the Shared Responsibility Model, which the three big cloud vendors, Amazon, Google and Microsoft, also adhere to,” Sartorio said.
Sartorio provided links on how Amazon, Google and Microsoft are handling joint responsibility models that comply with all relevant standards including SOC2, ISO27001 and FedRAMP.
“This model indicates that the cloud vendor focuses on ‘Cloud Security’, which means the customer can rely on them to secure their infrastructure, including physical assets, operating environments, internal networks, etc.” “So the customer no longer has to worry about it.”
Cloud security reduces operational costs of data compliance
Byron Carroll, head of product for ACTIVE Network, is extremely enthusiastic about cloud security compared to on-premises security.
“State and local governments are doing interesting case studies, particularly from a security perspective, as they examine the benefits of moving from on-premises software to a cloud-based solution,” Carroll said. “Local governments in the US are prioritizing their resources and moving to cloud-based software because storing sensitive data for a large population makes security a top priority for local governments and are willing to invest in the most secure and efficient solutions. ”
Data compliance and reduced operational burdens, expense and maintenance are clear gains, along with an improved ability to support remote workers, according to Carroll.
Disadvantages of cloud network security
Thangaraj says that despite the security benefits with cloud networks, there is still a concern, especially with regard to application programming interfaces. According to him, malicious actors can access an organization’s data using vulnerable APIs. To protect this data, security teams need to monitor cloud application usage and network traffic.
“Cloud data platform security should focus on gaining visibility into cloud application usage and activities to deploy adaptive security measures,” Thangaraj said.
Which network security option is best for your organization?
What type of business is in-house security best for?
It is best for companies with in-house operations, high security restrictions, and hands-on demands that require them to be as agile and busy with their equipment as possible.
These companies typically rely heavily on physical hardware, such as database servers or systems with high I/O transactions per second, and IT personnel who prefer to repair and replace hardware and systems on their own to ensure maximum uptime of physical machines. These companies are usually located in central geographic locations with a handful of sites.
What kind of business is cloud security best for?
Cloud operations are best for companies with less reliance on physical hardware and more liberal use of virtual systems. Often, these companies are dispersed across multiple locations and do not have a single true headquartered operation, but are highly dispersed.
Is a combination of on-premises and cloud security the best approach?
A combination of on-premises and cloud security works for companies that can deploy critical systems on-premises and use less critical, common cloud-based processes such as email, phone, instant messaging, and collaboration applications. In this hypothetical scenario, the web servers and databases connected to them might be on-premises and Microsoft 365 might be running in the cloud.