Almost every business now relies at least partly on cloud computing services for some of their operations, and for most businesses, it will be public options that are the most common.
According to research by Gartner, the global market for public cloud services will reach $266 billion (£198 billion) in 2020, while Right Scale suggests 91 per cent of businesses now use public cloud services.
Of these, most firms will use one of the big three cloud providers: Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP). Between them, these providers make up around 60 per cent of the global cloud market, according to analysis by Canalys.
There’s no definitive answer as to which of these will offer businesses the best experience. As with most IT solutions, it will depend on many factors, including what you wish to use it for and what type of skills you have within your organisation.
Is the public cloud secure?
For many firms, the main question they will still have about these options is: Are they secure?
Overall, public cloud solutions are considered highly secure. The big providers all benefit from economies of scale, which allows them to put in place tough security measures that even the largest enterprises would find very difficult and expensive to implement on their own.
In fact, the biggest weakness in public cloud security is often the customer rather than the provider. According to Gartner, 99 per cent of public cloud security failures through to 2025 will be the fault of the user. But this doesn’t necessarily mean the systems themselves have no role to play.
For instance, if your chosen cloud service is overly complex or unintuitive, this could be a contributing factor to errors like misconfigurations.
So what are the security capabilities of the big three cloud providers? Here are some things to bear in mind.
AWS – Amazon Web Services
The oldest and most mature of the three, AWS is also the world’s largest cloud player. This means that, if you go down this route, there is a huge amount of knowledge and experience available to answer any security questions users may have. This also means there are long-established best practices that companies can rely on, which is not always the case with other services.
On the down side, AWS can have a steep learning curve if you’re just starting out, while its high level of complexity and a lack of centralisation may make it difficult to keep track of all parts of the deployment.
When used effectively, AWS has some highly powerful security features and offers a high level of customisation, but it may require more management to maintain control.
One of Azure’s biggest selling points is its ease of use and convenience, especially if you already use Microsoft products throughout your organisation. The easy integration and quick setup makes it a popular choice for many businesses.
Some security pros have noted that one area to be wary of, however, is that many of its features default to less secure configurations. For example, a new virtual network or machine will have all ports and protocols open as standard.
This can be an issue if you aren’t paying close attention to your security, but as best practice should always be to never rely on default options in any scenario, it shouldn’t be a problem for security-conscious firms.
One factor in Azure’s favour is the use of Active Directory. This provides a single platform for essential features including authorisation and permissions management. This makes it much easier to apply and enforce security policies across the network, whereas with AWS, these have to be configured separately for each account.
GCP – Google Cloud Service
Google’s cloud service is the youngest of the three, but that doesn’t mean it’s immature. It builds on the tech firm’s years of experience and has been developed from the ground up using concepts and policies that are essential to cloud security.
It takes a centralised approach that aims to make it easy to manage all aspects of security policies and it’s particularly good at areas such as container management, so key workloads can be effectively isolated from other parts of the network.
However, it does have a smaller community than either of the other two options, with fewer security experts available who have deep experience in the platform. Many of its security tools are still also considered ‘work in progress’, reflecting Google’s habit of keeping features in beta for long periods.
Keep Security in Mind
Whichever public cloud service you use, it will still be your responsibility to take control of key IT security elements, whether this is checking you’re not using default settings or ensuring you have strong access management policies in place.
These processes can be made easier or more difficult depending on the tools you use and the expertise you have available – whether in-house or from a trusted partner. Ultimately, however, your public cloud will only be as secure as you make it.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.