Security is always a concern when considering any cloud software for the enterprise. With data warehousing now ready for cloud prime time, the situation is no different. In fact, with data and its protection fundamental to organisations which run data analytics initiatives, security is arguably the biggest stumbling block to testing the waters (and many benefits) which can flow from a cloud solution.
But are the concerns justified, or is security no more than a theoretical problem?
Let's start by taking a step back. Good security doesn't reside in the cloud or even on-premise. Instead, it is organisation-wide. It doesn't begin and end with technology. Instead, it starts with policy and procedure, and it is backed by technology (whether hardware or software) and the actions of people working with line-of-business systems and data.
Owing to the physically different structure of going into the cloud - that is, your data is on someone else's computers - security is routinely cited as the reason to delay or avoid a move. Even if everything else makes sense, like lower operating costs, easier upgrades, elimination of hardware-related expenses, reduced real estate requirements and so on, security can be the sticking point.
That's particularly the case for businesses with stringent security requirements, like airlines, hospitals and banks.
Are cloud security issues a myth?
Yes, and no. With vendors like Microsoft, Amazon, Google and many others providing cloud solutions as their bread and butter today, the investments in security far supersede anything even a bank or airline could ever match. The vendors take security deadly seriously, because their businesses depend on it in much the same way that the business of a bank depends on a level of discretion and data protection.
Cloud security is not a weak link, it is there and quite up to the task.
But cloud environments will only be as secure as they are architected to be and this is entirely your job. Microsoft and AWS provide the security features you need but they won't architect your environment for you.
When you built your on-premise environment, you carefully planned your security to ensure it was safe; you were thorough, and you went to painstaking lengths to make sure the architecture was secure. You wanted it bulletproof.
The cloud is exactly the same. Architect it with the same care and attention to detail and it will be safe and secure.
Remember though, you are moving to the cloud to take advantage of its benefits. Scale-up, scale-down, new functionality and so on. You need to take these changes into account and build in the necessary security required. Don't just treat it like your on premises environment. It's not the same - but it does require the same amount of care and attention to detail.
Much like when you set up security for your on premises environment. You can either spend time learning about the tools (cloud platforms), how they work and setting it up yourself, or you can bring in the specialist who knows your platform of choice and has done it before.
Combining the ironclad security provided on the vendor side with the right architecture, principles and processes on your side, moving data warehousing into the cloud should present no additional security risk than an on-premise deployment.
The good practices which apply to on-premise data warehousing extend into the cloud. The fundamentals of policy and procedure are, effectively, the same.
We've seen that with less risky elements of the enterprise software stack which have moved into the cloud without trouble: take Office 365 as an example. And even more sensitive aspects, like Active Directory. The success of shifting ever-more sensitive components into the cloud builds confidence, as it demonstrates that the cloud is no less secure than on-premise is - so long as the same rigour is applied.
If you kept your house in order from a security standpoint before, there's no reason to think that will change in the cloud and there should be no additional risk presented by moving into the cloud.
All you need to do is recognise that there will be differences and take the time and care to plan for them. Once the perimeter is established, with appropriate identity management, and perhaps several internal fences put in place for additional control, cloud essentially becomes an extension of the on-premise environment. It just happens to reside elsewhere.