The top five fears of Cloud computing
The stage is set. Cloud computing continues to rise in deployments, with users citing economic advantages, speed, agility, flexibility, elasticity and ongoing innovation.
We’re entering the realm of “everything as a service” and that includes physical security provided by Cloud-hosted security management systems (SMS). Systems integrators who can successfully adopt and offer Cloud-hosted security and access control solutions will find themselves well-positioned for the future — with the ability to deliver a wide range of managed and remote services to vertical market customers — while boosting the overall value of their company in the process with sustainable recurring monthly revenue (RMR).
Research by Gartner predicts a substantial shift in information technology spending from traditional hardware and software to Cloud computing over the next five years, with that transfer set to total $1 trillion, according to the firm’s July 2016 findings.
The Cloud has been used for nearly a decade or more in banking and financial processes but one of the biggest objections still hindering full adoption may be an ongoing concern of data security and integrity. As such, there’s a necessary education process for both systems integrators and the end user customer to understand why Cloud-hosting is inherently safe, being “purpose built” for physical security communications and data exchange.
What fears are most commonly voiced by customers and prospects when it comes to Cloud-hosted SMS? Do you know how to address objections by potential clients? Here are the top five fears you may hear from prospects and the information you need to know to dispel lingering doubts.
1. The Cloud’s data may be easily compromised
Nothing is further than the truth. In fact, the Cloud is actually safer than non-hosted environments and its software programs have been specifically engineered for safe data transmissions for the physical security environment. Using the Cloud for access control and physical security management actually equates to heightened cyber and threat protection as opposed to traditional legacy, on-premises server systems.
With Cloud-hosted systems, a multi-layered design brings together data security and data access with added safeguards. A security management system designed from the ground up as a Cloud-based product begins first and foremost with software security. Hosted systems can follow what Microsoft refers to as SD3+C: Secure by Design, Secure by Default and Secure in Deployment in Communications. In addition, encryption further protects the transmission of data between the client and the Cloud-based server using modern Secure Sockets Layer (SSL) and is something by default that most Cloud-based solutions provide. SSL is a standard security technology for establishing an encrypted link between a server and a client. SSL encryption, 2048 bit, secures the data connection as opposed to easily hacked Open SSL protocols.
In addition, the most secure Cloud-hosted access control systems also utilize IP Client. Systems with IP Client use outbound ports at the user’s site instead of inbound ports, which greatly reduces the risk of security breaches and data compromise. With IP Client, the IT staff does not have to enable any inbound network ports or set up port forwarding. This helps keep the network secure and lowers the management workload on IT.
Finally, some hardware providers enable Transport Layer Security (TLS) encryption which allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. In Cloud hosting, manufacturers auto-negotiate the TLS encryption with the controller boards as they initiate contact with the server.
2. Passwords make Cloud-hosting vulnerable
That’s definitely true — when it comes to non-hosted solutions. Passwords can be guessed, recycled or written down and all these factors could compromise the security of an access control system. However, secure, Cloud-hosted solutions don’t use default user names and passwords. Instead each hosted system is issued a unique password and can also provide additional security with two-factor authentication which can be attached to the log-in credentials of any user for an added layer of security. With two-factor authentication user accounts are linked with a second source of verification, i.e. Google authenticator, which generates a code based on a timer or counter. Users must provide this code upon entering their user name and password, which means a perpetrator would need three things in order to access the system: user name, password and access to open the device which generates the two-factor authentication code.
3. Management of Cloud software takes an IT tech
Quite the contrary: once it’s set up, no additional work has to be done. A SaaS access control solution can automatically eliminate the threat of the user losing data due to negligence or being too busy to regularly backup the database. An SMS hosted in the Cloud provides regular, automatic upgrades, daily database backups and full redundancy, eliminating the risk of having all data stored on site.
A reliable product will also provide multi-layered redundancy, meaning that multiple “write” transactions are provided. If the primary database goes down that data would exist at another location and brought back online. A second layer would be point-in-time recovery. This allows the user to restore or recover data or a particular setting from a time in the past, including history reports and recent access control transactions. If the user accidentally deletes records it only takes a quick tech support call to revert the system back to a time point before the error happened.
4. Cloud hosted systems don’t readily scale and can’t integrate legacy components
The Cloud actually provides greater flexibility and scalability of applications, and that equates to better business agility. These solutions offer a more convenient route for both small-to-medium businesses as well as enterprise customers who don’t have to go through the complexity of designing and deploying an on-premises server system.
With off-site hosting, there are no servers or appliances necessary at the customer site. This saves time and money and allows customers to future proof themselves from obsolete technology. In addition, Cloud-based SMS systems offer nearly infinite scalability, from smaller systems to large national/enterprise accounts. Cloud-hosted access control is in most cases a platform that can grow to an infinite number of access points, limited only by the controller’s hardware specifications.
Finally, with legacy equipment and Cloud-hosted solutions, the user isn’t forced into a total rip and replace. Cloud-hosted access control systems are most often hardware agnostic and can be configured for communication with many legacy devices already on site.
5. End users will balk at the price tag
Cloud-hosted solutions actually offer a lower total cost of ownership over the life of the solution. Most users don’t consider the true cost of an on-premises system which includes servers, racks, power and cooling costs, labour hours by the IT staff, operating system updates, firewall configurations, necessary VMware, etc. All these little nuances add up big.
In addition, with offsite Cloud hosting customers don’t need a dedicated IT person to administer programs and configure operating systems, databases and applications. These expenses and ongoing maintenance are alleviated as they are handled by data centres in the Cloud. Users also have access to all software functionality housed in the Cloud and can select the portions they want to manage, such as badge creation and decommissioning of access control permissions. They have choices: the option of having the systems integrator manage the solution, or, administer the system themselves with their choice of connected device, including desktop, laptop, tablet or smartphone. Integrators get the bonus of managed services, which allows them to perform maintenance and service remotely, which equals lower costs for users as opposed to paying for a service call or onsite visit. And, as a tiered solution, customers can expand without costly jumps from entry level to enterprise solutions.
Finally, users will be attracted to the possibility of being able to budget effectively with Cloud-hosted services, which move physical security from a large initial capital outlay or capital expense to an operating expense which can be planned and budgeted for easily.
Today’s systems integration is all about delivering service. And there’s no better way to deliver service in a highly flexible and scalable environment than Cloud-hosting. Cloud hosting for physical security and access control management is a sophisticated, yet user-friendly solution that provides tangible benefits to both systems integrators and end users. The challenge lies in understanding the technology and what it can do and conveying benefits to the customer.
Brian Matthews is director of sales at Feenics, an Ottawa-based security company offering Cloud-based software and services.
Security Career Expo
March 7, 2019
March 12, 2019
Canadian Technical Security Conference
April 2-4, 2019
ICT Canada — Presented by BICSI
April 8-11, 2019
April 10-12, 2019
Security Canada East
April 24, 2019