Data Security

Physical security defines how you control physical access to the servers that support your infrastructure. The cloud still has physical security constraints. After all, there are actual servers running somewhere. When selecting a cloud provider, you should understand their physical security protocols and the things you need to do on your end to secure your systems against physical vulnerabilities.

Data Control

The big chasm between traditional data centers and the cloud is the location of your data on someone else’s servers. Companies who have outsourced their data centers to a managed services provider may have crossed part of that chasm; what cloud services add is the inability to see or touch the servers on which their data is hosted. The meaning of this change is a somewhat emotional matter, but it does present some real business challenges.

The main practical problem is that factors that have nothing to do with your business can compromise your operations and your data. For example, any of the following events could create trouble for your infrastructure:

  • The cloud provider declares bankruptcy and its servers are seized or it ceases operations.

  • A third party with no relationship to you (or, worse, a competitor) sues your cloud provider and obtains a blanket subpoena granting access to all servers owned by the cloud provider.

  • Failure of your cloud provider to properly secure portions of its infrastructure—especially in the maintenance of physical access controls—results ...

Get Cloud Application Architectures now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.