Is the Cloud Really the Safest Place for You to Store Your Critical Databases? New Techniques for Ensuring Cloud Database Security

By: Morpheus Data

Cloud services now act as data-security aggregators by applying big-data principles to spotting and thwarting new data threats.

It’s a fact: the cloud is where more and more of your company’s data resides. Still, some companies are reluctant to trust their vital databases to a cloud service. That’s because migrating a database to the public cloud is not the same as moving your apps and web servers there.

In “Zen and the Art of Cloud Database Security” from November 2014, SecurityWeek’s David Maman writes that cloud services are well-equipped to thwart attacks against the integrity and availability of apps and web servers. However, databases must also be protected against threats to the confidentiality of the data. Equally important, databases must comply with laws and regulations relating to data security.

Forrester Research predicts continued steady growth in both cloud database services and cloud security spending through 2016. Source: Forbes

In the second part of Maman’s article, he explains the areas where customers and cloud service providers share responsibility for the security of their hosted databases. These include encryption, ensuring software patches are applied, and implementing a rock-solid backup plan. Maman also describes the compliance-related controls that must be applied to databases, such as mapping regulated data to exact locations; identity management; encryption; and deterring, detecting, and mitigating attacks from within and without the organization.

The benefits of leaving cloud database security to the experts

In a very short period of time, security has shifted from being a primary reason why companies kept their databases in house, to being a primary reason why companies are hosting their databases in the cloud. In an August 29, 2015, article on entitled “Do the Math: Can Your Business Benefit from a Cloud Database?“, Baron Schwartz cites improved security as one of the three benefits of database as a service; the other two benefits are scalability and reduced administrative costs.

Schwartz states that database security depends on timely application of software updates and patches. Despite the best of intentions, these important operations simply are not done consistently at most organizations, or they’re done poorly. It is much safer to trust this important function to a service that specializes in keeping databases patched and protected from the latest threats.

Perceptions change slowly in IT departments, as evident by a 2015 survey by Vormetric that found database risk greater than perceived by IT, and cloud risk less than IT’s perceptions. Source: Forbes

DarkReading’s Bill Kleyman highlights another big reason for trusting cloud services with the security of your company’s databases. In a March 9, 2015, article, Kleyman points out that the cost of a data breach continues to skyrocket: malicious or criminal attacks now cost $246 per record lost on average, while system glitches and employee mistakes cost the companies an average of $171 and $160 per compromised record, respectively.

To see how Morpheus can help you securely store and manage your databases and apps, click here for a free trial.