Selecting the Best Cloud Service Provider Based on Your Security Needs

While Cloud-based services have proven to make business sense by saving companies from the deep investment of maintaining their own infrastructures, there is a reasonable amount of concern that arises when entrusting another company with critical information or processes. Companies that are used to keeping servers in-house have it in their best interest to keep an industry standard of security with their information. With a number of Cloud service providers promising unique features and robust security options, how do companies find a provider that is right for them?

Across the board, the central specification that feeds into the security integrity of a Cloud is its architecture.1 Although security features can be added in addition to the Cloud, the architecture provides a basis on the level of security measures that can be done.

Types of Architecture

Fundamentally, the Cloud virtualizes an aspect (or the entirety) of a process to be accessed through the internet. One tactic that service providers use to keep the cost of maintaining virtualized machines low is to host multiple tenants on a single server.2

Multi-tenant Architectures

Cloud-based services with a multi-tenant architecture, by definition, share their servers with a portfolio of other clients. Intuitively, sharing a server with other companies can raise red flags about their best practices with the Cloud. To alleviate these concerns, Cloud service providers need to address the risks of multi-tenancy at all layers of use.3

At the core, virtual machines are run by a hypervisor or virtual machine monitor (VMM). The hypervisor intercepts all traffic between virtual machines, segmenting services and infrastructures into their proper destinations. Because virtual machines are managed by a hypervisor, upgrades and additional features are updated automatically for all tenants.

Service providers have the option of providing additional security by embedding APIs into the hypervisor for more vigorous segmentation.4 These APIs intercept the exchange of data for further protection, adding security to flow of information within the server.

While multi-tenant servers have proven themselves to be safe and reliable, it is the responsibility of the tenant to ask service providers about their layers of security. Tenants should ask questions about how authorization is given, so that only those with access can see the information. The tenant of the server will have to monitor their security provisions if they want to stay up-to-date. It  also is recommended that tenants ask for expert advice about configuring protections given with the service.

Multi-Instance Architectures

Most Cloud service providers that offer Software as a Service (SaaS) will use a multi-tenant architecture in their servers because of its scalability. However, Cloud service providers that offer Infrastructure as a Service (IaaS) use multi-instance architectures to meet their huge functionality demands.

Multi-instance architectures stemmed out from the growing acceptance of multi-tenant architectures. Servers were pushed to their limits as they hosted more demanding processes and even entire infrastructures, pushing forth the idea of dedicating entire servers to meet demand.5 This leads to the major difference between multi-tenant and multi-instance — multi-instance doesn’t share servers with another company.

Since multi-instance stemmed from multi-tenant, the principle of protection in layers is inherited.6 By isolating infrastructures into their own servers, the risks that come from sharing a server are minimal, securing processes and information more effectively. However, this added protection does come with its downsides, such as a higher cost factor.

It depends on what you’re hosting

If the information being stored on a Cloud server is of high importance, then it is better protected in a server with multi-instance architecture. Although there is a loss of convenience by keeping the information isolated in its own server, it limits the risks associated with third-parties. Multi-tenant architectures, on the other hand, offer an economical choice for companies because the cloud space is being shared. This, however, makes server upgrades cumbersome and customization options minimal and simplistic. It is important to note that both architectures support top-layer security measures from other providers and encryption tactics.

  1. Charles B. Cloud Architecture: Get It Right The First Time. Information Week. http://www.informationweek.com/Cloud/infrastructure-as-a-service/Cloud-architecture-get-it-right-the-first-time/d/d-id/1111680?
  2. Phil W. Multi-tenant, multi-instance: the SaaS spectrum. Diginomica. http://diginomica.com/2013/12/20/multi-tenant-multi-instance-saas-spectrum/#.Vd5s_vlViko
  3. “Securing Multi-Tenancy and Cloud Computing”. Juniper Networks. http://www.juniper.net/us/en/local/pdf/whitepapers/2000381-en.pdf
  4. Ibid
  5. Phil W. Multi-tenant, multi-instance: the SaaS spectrum. Diginomica. http://diginomica.com/2013/12/20/multi-tenant-multi-instance-saas-spectrum/#.Vd5s_vlViko
  6. “Securing Multi-Tenancy and Cloud Computing”. Juniper Networks. http://www.juniper.net/us/en/local/pdf/whitepapers/2000381-en.pdf