Happy New Year! Welcome to the 12th edition of the JW Secure Informer, our bi-monthly newsletter. This is an opportunity to share what’s on our radar, specifically with respect to enterprise network security, but also regarding IT and business more generally.
The Informer is intended to be useful content and good for a quick read. So if it’s just clutter in your inbox, we’ve failed, and I hope you’ll let us know.
Business Agility with Secure Structured Storage in the Cloud
High-growth businesses have advanced IT needs that can only be met by a combination of services and resources that are internal and external, off-premise and on-premise. The most successful businesses are those who can combine those options in innovative ways in order to bring new capabilities to market more quickly and efficiently than their competitors. Compliance requirements and data security sensitivity have prevented these businesses from benefitting from public cloud and datacenter colocation.
The ideal solution is one that offers the interoperability of SQL, the rapid provisioning benefits of the cloud, and the security benefits of on-premise storage. Fortunately, you can now experience these benefits by turning the typical cloud computing model on its head.
The usual approach to cloud computing is to seek scalability by transitioning “front-end” compute resources, such as web servers and business logic. However, when it comes to optimizing the competitive benefit gained from line of business application development, front-end scalability is rarely the determining factor. Instead, the most important issue is often the speed at which the new capability (i.e. the app itself) can be deployed, followed by the speed (and associated cost) at which the app can be modified and redeployed as business needs evolve.
In our experience, provisioning new structured storage capacity in the cloud is much quicker than provisioning new structured storage capacity on-premise. This is not to fault on-premise IT personnel. Indeed, SQL Server is a complex and full-featured application, and it is time-consuming to support, configure, and maintain. In addition, many IT organizations require that SQL is run on dedicated hardware, rather than on virtual machines. As a result, requests for additional capacity must also provide budget for both equipment and personnel. However, by taking advantage of specialized cloud-based services like SQL Azure or the SQL support in Amazon Web Services, some of that overhead is avoided and, most importantly, deployment can be considerably quicker.
A similar argument can be made about provisioning front-end servers in the cloud versus on-premise. However, in terms both of overhead and of deployment speed, the difference isn’t nearly as notable as it is for SQL. Therefore, if you have a three tier LOB app, and you can only put one tier in the cloud, we recommend that you choose the backend. (We’ll come back to that in a second.)
So, cloud-based SQL is the way to go for speedy line of business deployment, but how should you secure the data? To ensure data security, we recommend that you keep front-end app servers on-premise. By performing encryption and decryption within the on-premise application server, you only store encrypted data in SQL, and plaintext data never reaches the cloud. With this “secured cloud and on-premise” mixed solution, you still get all of the benefits of SQL with the flexibility of cloud storage.
Do you want to learn more about how we can help you with running your app securely in a colocation environment? Contact us at firstname.lastname@example.org about our SecurEntity solution–it implements a data security proxy as a convenient software library, ensuring that your application is secure, easy to deploy, and flexible. We’ll be happy to conduct a free assessment of your line of business application needs.