River Run recently presented 3 Lunch & Learn seminars, sponsored by Microsoft, discussing “Where and When it makes sense to move to the Cloud.” Attendees learned about different cloud models, penetration and growth statistics, how to plan for a successful migration, and brief introductions to Office 365, Microsoft Azure, and the many cloud enhancements incorporated into Windows 10.
In a lively exchange, participants discussed their hesitations, fears, hopes, and preconceptions about the Cloud. Security and loss of control of their data were two concerns, among others, that were raised at every event. It might be beneficial to share some of the answers and discussions that followed.
In light of all the cyber attacks in the news recently, wouldn’t Microsoft Cloud Services be much more of a potential target than a company’s private data center? The answer is definitely no. Hackers, as most of us, focus their attention where the risks of detection are lowest and reward is greatest. They are looking for ID records, bank account information, headline worthy attacks in weak or vulnerable networks and data centers. Difficult or near impossible identification of these “prizes” beneath layers of advanced security that is present at Microsoft data centers makes both the risk high and the reward low. If hackers are interested in breaking through to a valuable vein of profitable data, knowing the data is actually there before attempting the hack is critical. Microsoft’s enormous mountains of data make poor targets.
Furthermore, penetrating a network is often accomplished through personalized social engineering attacks and insider knowledge. Network administrators in Microsoft facilities, if you could find out who they are and where they work, (most employees of Microsoft don’t even know specifically where their own data centers are located!) they do not have open access to data. If they need to work on these systems, temporary access is granted by supervisors for a specific job and time, and then access is rescinded. The layers of security, supervision, and monitoring is equal or exceeds the best industry standards. The risks to your data in a Microsoft facility is certainly not greater than in your own.
Will I lose control of my data? Microsoft’s cloud services is based on the premise that it is your data, you control it, they merely provide the infrastructure to manage it. At any time, you may retrieve and move it to another facility. Where this concern has been raised, the issue is usually migration of services and server configurations, not data per se. It is true that standards for moving server hypervisor images and services between hosted services is not regulated or standardized, but there should be no fear over control of your data.
Isn’t my data naturally backed up in Azure or Office 365 environments? When we refer to “backups”, we use the word to describe historical copies that could be used to recover to a point in time or restore files or accounts that were deleted months or years ago. In this sense, no, unless you specifically plan for a true backups, the present data in Azure or Office 365 is only protected by having multiple copies replicated in realtime across multiple data centers. These normal services (Legal or In place hold excepted) are only contractually obligated to store data or accounts for limited length of time.
Much more was discussed during these presentations. If you were unable to attend these events but would like the information, send us an email.
Look for additional Lunch and Learn opportunities in the future. If you are interested in moving services to the cloud, don’t hesitate to contact your sales rep and set up a preliminary discussion to see whether or when it might make sense for you!