The Cloud: Virtually Limitless
Apr 01, 2015 09:19AM, Published by Jason Huddle, Categories: In Print
There are some misconceptions as to what cloud technology really is, how it works and how secure it is.
The term cloud was actually coined in the 1990s by telecommunications companies that needed a symbol to represent the various shared networks that were part of the virtual private network (VPN) services they were offering at the time. A cloud was drawn around each of the networks in the system. For example, the home office networks to a regional office as well as to a remote laptop computer. Each of these locations was designated as a cloud; however, it was not a term used by the general public.
Today’s cloud technology is a virtual environment that allows a business to forego the purchase of a physical computer server within their location. Instead, high speed Internet over fiber-optics allows each employee to access the data and software they need – like Microsoft Word or Office – from a server at a remote location that’s being managed by an IT service company.
Brian Cesca is general manager for DataChambers’ new location in Kannapolis at the NC Research Campus. There, they’ve built a 50,000-square-foot data center that joins locations in Winston-Salem and Raleigh.
“I initially came to pitch the NCRC to do business with us in Winston-Salem,” Cesca says. What he learned was that David H. Murdock, founder of the NCRC, had always envisioned a data center in Kannapolis.
“Innovation is driven through technology at the NCRC,” Cesca explains. “Academics and companies here are in line with us and the services we offer. The end product of what they do is health and human sciences, and that produces huge amounts of data. That data needs to be supported.”
With that, a company’s information can be taken from a physical server and transferred to sit on a virtual server (cloud) within their data center if that is the best infrastructure model to support the company’s need. From cloud perspective, DataChambers offers private cloud environment and management to just about any size company, but it has to be a good fit. Before migrating to a cloud, is the company looking to reduce hardware purchasing costs? Is there a time of year when workload skyrockets and there’s a need for more server space? How security-sensitive is the company’s data?
Private clouds are those that are built solely for one business or organization. Only those within the business have access to the information on their cloud. Applications (platforms) are built onto the server with the amount of storage space limited only by the configuration of hardware purchased. If more space is needed, more hardware can be bought, platforms added and multiple clouds interconnected.
“Picture a single customer sitting behind a firewall. (A firewall is defined as a part of a computer system or network that is designed to block unauthorized access while permitting in and out communication to the server.) Others sit on a public bandwidth. In our environment, a client can access their data through a secure firewall in a dedicated private cloud, then migrate back through the firewall to access the Internet,” Cesca explains.
Mike Ouimet, founder and president of Wincourse Technologies in Concord, began his business in 2005. “My history was in providing cloud services to healthcare with a company that collected and stored analytical data for hospitals around the country. They compared themselves to their peer hospitals: costs, procedures, efficiencies. They were storing their data in a hybrid cloud. We managed it and the hospitals had access to their data. It was exclusive to the FDA and hospitals.”
Hybrid clouds are two or more clouds that, while separate, are joined when certain data or platforms are shared. Wikipedia says, “For example, an organization may store sensitive client data in-house on a private cloud application, but interconnect that application to a business intelligence application provided on a public cloud as a software service.”
Ouimet, who started building his own cloud infrastructure from the ground up and houses it in a data center – he calls it a hotel for servers – in Charlotte, says, “The cloud is not one thing. How you’re going to retrieve that information falls across the board. You’ve got Salesforce, Dropbox and Gmail. Each does something different. Salesforce is a sales arm tool that’s used to track leads and conversations with customers. Dropbox is about storage of your files. Gmail is email. They all look very different from each other. The look of a cloud depends on what service you’re receiving out if it.”
Those utilizing wireless communications: a DSL line, smart phone or GPS are on, yet, a third type of cloud – public clouds. These are available to the general public. “Your phone accesses a server somewhere, the data goes to a satellite and then to a person’s location,” Cesca explains.
The concern with public clouds is the lack of security. “If you put your information into a public cloud without proper protection, you can expose your data to security breaches where hackers or viruses can go in and access or corrupt your data. Even saving pictures…don’t save them on a cloud. There are breach opportunities in there,” Cesca says.
So while there are distinct advantages to moving to a cloud for one’s business – no up-front hardware costs, less maintenance, users can access the system from anywhere using a Web browser, and applications and upgrades don’t have to be installed on each employee’s computer – there can be a down side…security breaches.
Hackers are hitting computer systems with viruses that can do major damage in a short amount of time. “Hackers and viruses are very similar to steroids in athletics. There is always someone looking to cheat the system,” Cesca says. “Ultimately, the security market becomes very reactive. As more firewalls and security are bolstered, there are others creating new viruses trying to get around it. Your goal is to be as secure as possible, to the best of your ability with the technology available.”
“We have to be proactive and handle it as it happens, put good processes in place. But I don’t think you can 100 percent eliminate it. It starts from the inside,” Ouimet adds.
And it’s probable that the security issues lurking around public clouds are affecting the mindset of those considering hybrid or private clouds.
“A lot of companies are looking at the security questions revolving around cloud technology while the general (public) cloud environment tells them their data is secure. Until the public cloud environment can handle security, the business community won’t use it,” Cesca says. “The cloud will always be defined by the business purpose.”
Redundancy might aid in a company’s decision to ultimately go to a cloud. Referring to their Kannapolis facility, Cesca says, “We’ve built redundancy around electrical power with multiple lines through the entire infrastructure. We have access to multiple communication carriers. If Windstream is down, the email will automatically route through another fiber carrier. We want to ensure your data is available 100 percent of the time, day or night. We’ve done that through the physical hardening of our data center. Remember Hurricane Hugo? We built our new data center building to withstand a natural disaster bigger than Hugo.”
“Security is a huge part of what we do,” Ouimet adds. “The first notion is that if it can happen to them, it can happen to us.” And he provides an example.
“We have had a customer whose employee got a computer virus that scanned their systems. It impacted that user only. If there was not a cloud, but a server on the premises, it could have been worse. We’re small and nimble and not on a big radar. We’re not in a huge public cloud that gets managed, like a Fortune 100 company with huge silos.”
“Most security breaches that occur come from within the company,” Cesca says. “One of the common safeguards is that you change your password every 30 days. Most hackers don’t try to attack systems directly, but through the weakest point of exposure.”
This is a mind-reeling technology that takes some time to comprehend. It’s safe to say that as businesses outgrow their computer system capabilities, they’ll look more toward reliable third-party data management. If you’re thinking about transferring your business to a cloud, look for an IT service company that’s SSAC 16-compliant. This regulation was created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). It’s a watchdog that monitors service companies, including IT.
For more information and to get questions answered by the experts, visit www.datachambers.com and www.wincourse.com.
Kannapolis Cabarrus Magazine Kimberly Cassell NCRC North Carolina Research Campus Mike Ouimet AICPA ASB Brian Cesca DataChambers dropbox GMail Hackers Hurricane Hugo Microsoft Office Microsoft Word Private Clouds Salesforce SSAC VPN Windstream Winecourse Technologies