dediserve news

How secure is your data in the cloud?

Cloud computing is fraught with security risks, according to analyst firm Gartner, but what does the cloud really mean for the security of your applications and data?

 

Here at dediserve we fundamentally believe in transparency and openness. Most clouds won’t tell you exactly where your data is stored (sometimes not even which country!) or the specification or architecture of their platforms. That in itself presents a risk to the end user!

 

 

There are some key areas you need to be aware of to ensure you can rest easy about the security of your data on the cloud:
– Location and jurisdiction of your data and servers
– Isolation of data and networking from other cloud machines
– Firewalling and security of your machines and data
– Backup and Disaster Recovery plans

 

Let me deal with each in turn from a dediserve point of view:

 

– Location and jurisdiction of your data and servers

 

At dediserve, we let you choose the specific cloud platform you wish to deploy on, right down to the datacentre and city / country. Right now, you can choose Dublin, Ireland; London, UK and Dallas, TX, USA. We commit that your data will never leave these locations without you expressly requiring or wishing it. This allows customers in Ireland to remain compliant with Data protection legislation, or customers in the US to avail of European privacy legislation by locating their data in the EU. You can see our current and growing list of locations after this link: http://dediserve.com/why-cloudlocations.html

 

– Isolation of data and networking from other cloud machines

 

Ensuring that no other customer can ‘swipe’ your IP address (spoofing) or sniff your traffic to see what you are up to are critical requirements for the security of your data in the cloud. At dediserve, since day 1, we have implemented extensive security measures, including platform firewalls that prevent sniffing and spoofing and isolate every single cloud machine on it’s own, isolated, secure private LAN. It’s impossible to detect the traffic of another cloud machine, even if it’s running on the same physical hardware.

 

– Firewalling and security of your machines and data

 

In addition to the default platform firewalling and security, which isolates all machines, we provide user platform firewalls, available via our GUI, API and apps, which allow you to specify detailed, persistent firewall ALLOW/DENY rules on a per ethernet interface basis, per server. Rules can be configured by service, port, port range and from source and destination IPs and subnets with full flexibility. This allows you to lock your machines and data down entirely, even to the point of actually running a server ‘offline’ with access only over VPN or our permanent KVM access.

 

 

– Backup and Disaster Recovery plans

 

Here at dediserve, we provide you with the ability to take a snapshot image of your server at any time. These snapshots can be used to roll back your server, clone it, or replicate it at any time. You can also activate the ‘auto’ snapshot option, which will take a periodic snapshot of your server for your backup. This protects against something nasty happening the server, and we tend to recommend customers take snapshots before performing major changes, software or OS upgrades, etc.

 

In addition to the platform backup options, we are open about using only NetApp Clusters for our SAN. With fully redundant SAN pairs handling all disk storage, we can tolerate drive failures, disk tray failures and SAN failures without customer impact (we would need to lose two full SANs before customers would lose access to them). Additionally, the NetApp devices include excellent snapshot capabilities of their own, allowing us to maintain replicated snapshots across our local SAN infrastructure for disasters. Customers can also elect to deploy additional offsite backup solutions, typically based on R1soft, which will replicate your data to another cloud on a near continuous frequency – for the ultimate DR abilities!

 

We take security and protection and integrity of your data very seriously, which is why we invest heavily on the best in class networking, Servers and SAN and people, to ensure dediserve is the cloud you can trust.

Comments are closed.