Which environment is more secure on-premises (Data Center) or Cloud (AWS/OCI/Azure/GCP/Other)?


What is On-Premises?
On-premises means a software & a hardware infrastructural setup deployed & running from within your organization. Organization have the complete control over the infrastructural setup including building, electricity, air-conditioner, costly servers and networking with n-number of staff to manage all including security guards, networking engineers and many more. Data stays in your private network, nobody other than your team has access to the information. We can also call on-premises infrastructure as a private cloud now these days.


What is Cloud (AWS / OCI / Azure / GCP)?
The Cloud enables anyone with an internet connection to access IT resources on-demand as a software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS). SaaS, PaaS and IaaS have their own pros/cons. Following are major cloud provider and you can see further details from AWS, OCI, Azur and GCP.

What are things we need to consider before selecting on-premises or cloud?


Application: Specially we need to consider Host and Endpoint Security. If any issue occurred then how to identify and prevent with proper response along with that assesses code, logic, and application inputs to detect software vulnerabilities and threats. 

Application or User Data or Storage: Securing the application or user data or storage are again more important and helps protect data via encryption, user behavior analysis, and identification of content. Generally attacker wont attack in single day or in month, once they targeted then they start with single system and get spreed into organization level horizontally for long term data including hard disk, network storage, nfs, file server, tap, pen drive or external storage, once they have all done then they will start displaying message on screen or disable logging, and start promoting their own antivirus application to buy and protect application and data.  

Networking: Network inspection designed to detect and protect your workloads from malicious or unauthorized traffic with help of network security list, security list and OS level firewall along with few application like Web Application Firewall (WAF).

Which environment is more secure on-premises (Data Center) or Cloud (AWS/OCI/Azure/GCP/Other)?
On basis of above few points, most of people including me believe Cloud environment is the best for security point of view, few additional points are as follow:

Once we identify any issue especially security, we can destroy running application and re-create in cloud environment specially in AWS and OCI. Only we need to consider you have implemented DevSecOps way of implement of your application. Which is Infrastructure as a Code, in market so many open source tools are there like Terraform, Packer, Jenkins, to automate it.

Network security, again in cloud we can do very fast and easy way to modify or block any unauthorized ip's compare to on-premises.

Lastly, data storage, we have more security compare to on-premises. 

That's all for this brief discussion, please response few point in comment what you believe on reality on-premises or cloud is more secure.      

Ad

4 comments:

  1. Nice post about on-premises and cloud environment, keep posting..

    ReplyDelete
  2. Best Ansible course, you can refer from ansile.

    ReplyDelete
  3. Great Article
    Cloud Computing Projects


    Networking Projects

    Final Year Projects for CSE


    JavaScript Training in Chennai

    JavaScript Training in Chennai

    The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

    ReplyDelete
    Replies
    1. Current best price: ₹360 Expires in 5 days End date September 29, 2020 9:05 PM PDT

      * Jenkins (Mastering in Jenkins with other Tools)
      https://www.udemy.com/course/jenkins-mastering-in-jenkins-with-other-tools/?couponCode=RS360SEP2020

      * Packer, Terraform, Jenkins and Vagrant in AWS Cloud (5-In-1)
      https://www.udemy.com/course/packer-terraform-jenkins-and-vagrant-in-aws-cloud-5-in-1/?couponCode=RS360SEP2020

      * Terraform for AWS by Examples
      https://www.udemy.com/course/terraform-for-aws-by-examples/?couponCode=RS360SEP2020

      * Ansible Hands On in On-Premises & AWS Cloud Environments
      https://www.udemy.com/course/ansible-hands-on-in-on-premises-or-aws-cloud-environments/?couponCode=RS360SEP2020

      * Git (Bitbucket) in Unix or Windows
      https://www.udemy.com/course/git-bitbucket-in-unix-or-windows/?couponCode=RS360SEP2020

      * Packer (Product of HashiCorp) Images from Scratch in OCI
      https://www.udemy.com/course/packer-product-of-hashicorp-custom-images-creation-from-scratch-in-oci/?couponCode=RS360SEP2020

      Delete

Your feedback and comments will help a lot's for improvement: