The calculus for disaster recovery and risk management is changing. Most small businesses within the past decade would often keep many of their critical technology assets locally, perhaps in a server closet, or a centralized data center for multiple offices. They built their own “vault” of applications, databases, email, files, etc., often on a few physical servers they would be wholly responsible for maintaining and eventually upgrading or replacing. Most of them would care enough about these technology and data assets to invest significant sums in redundant servers, quick recovery backups and imaging solutions, security hardware/software as well as the physical infrastructure to support these products like power and air conditioning.
While there is still need for these physical solutions locally, it’s no surprise that from a return on investment perspective, moving these systems off to the cloud where the economy of scale for managing technology risks can often be simpler and cheaper. Why deal with the technical complexity and multiple investments of protecting, say, financial records locally when you can essentially outsource that hosting to a bigger company that can take on many of those responsibilities for you?
Concerns for Small Businesses
But the key phrase here is “many of those responsibilities.” We are making a trade here when we move to the cloud. There are new factors for protecting data and keeping our important technology available to us. Consider the example of financial records and a small business that uses this data as part of day-to-day operations. I would typically expect, before the adoption of the cloud (let’s say 2009), these kinds of systems locally, and for this exercise, I’ll list out a few potential concerns with the technology:
- Some kind of file server, with user authentication and management – Those files likely have at least (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/revisiting-the-concepts-of-disaster-recovery-and-risk-as-organizations-move-their-infrastructure-to-the-cloud/