trapp online The Cloud, Small Business, and Advanced Data Security Advanced Cloud Security

Transcription

1 The Cloud, Small Business, and Advanced Data Security How extraordinary security measures create a better overall hosting solution for small business A White Paper from Trapp Online by Kent Sorensen, April, 2013 Audience Small to Medium Business Owner/CEO

2 Cloud Benefits Executive Summary Benefits of Cloud Computing The adoption of cloud computing solutions in small business is growing rapidly due to its significant operational advantages, including these wellestablished and measurable benefits: Lower overall cost Improved productivity Less IT maintenance Expanded access Enhanced security Cloud/hosted applications and IT infrastructure hold significant economic, operational and security advantages over on-premise solutions. Cloud Security Concerns for Small Business Data security is the number one concern of small business owners considering cloud computing. Potential theft, loss or corruption of sensitive data, and business-ending security breaches contribute to fears. Inadequacy of Non-cloud Solutions On premise IT and distributed applications are difficult and expensive to secure. Traditional commercial cloud solutions compromise security with shared servers, high-priced dedicated servers, and poorly equipped small data centers. Approach to Advanced Cloud Data Security for Small Business is: Ahead of its time due to a relentless security philosophy and unprecedented up-front investments in security expertise and infrastructure A locked-down, isolated network, dedicated server environment within a world-class data center in a low disaster risk U.S. location

3 Trapp Online Hosting is Safe and Affordable for Small Business Advanced Cloud Data Security fosters a more stable environment which costs less to maintain. The customer gets unsurpassed data security at an affordable price. A Better Overall Cloud Experience Trapp Online s Advanced Cloud Data Security creates In spite of high adoption rates, data security on the Cloud remains the number one concern of business owners, slowing adoption by many organizations. unexpected non-security benefits which include: 1. Faster setup Less application vetting 2. Better integration Promoted by an isolated, stable environment 3. Improved performance Faster and more consistent response times 4. Fewer problems A more stable, dedicated environment 5. Less downtime Reduced handling and interference 6. Less IT hassle More time for growing the business 7. No compromises Eliminates tradeoff between security and cost - 3 -

4 Benefits of Cloud Computing The adoption of cloud computing solutions in small business is growing rapidly1 due to its significant operational advantages, including these wellestablished and measurable benefits: Lower overall cost Improved productivity Less IT maintenance Expanded access Enhanced security Cloud Data Security Concerns for Small Business In spite of high adoption rates, data security on the Cloud remains the number one concern of business owners, slowing adoption by many organizations. Reasons for the concerns are well-founded and can be summarized as follows: 1. Theft of Sensitive Data Small business application databases contain information attractive to criminals, hackers and competitors, including customer names and addresses, bank account numbers, credit card numbers, and private company financial data, which, if stolen, could result in financial harm to companies and customers. 2. Destruction or Corruption Viruses or malware encountered in shared cloud environments and unauthorized access by malicious parties are serious real and perceived threats. 3. Data Integrity Accountants and others routinely download sensitive data from small business applications to prepare statements and taxes, perform audits and to correct errors. Multiple copies of data increase the probability of data lost to overwriting, lack of synchronization and the substitution of older versions. 4. Fallout A security breach creates the potential for serious consequences putting a small business at risk. Lawsuits by vendors and customers, negative reviews, boycotts and blackmail are outcomes that all companies want to avoid

5 Problems with standard cloud solutions 1. Shared servers The standard offerings from large, commercial cloud providers combine multiple customers Inadequacy of non-cloud solutions Retaining applications and data on local company servers does not remove threats from the outside world. All but the most sensitive government and business networks are connected to the Internet. Securing individual workstations and servers with tight security measures is expensive and less than foolproof. Productivity suffers when access is tightly controlled. Virtual Private Network (VPN) technology typically offers broad access to network resources and data accessed can be transferred from servers to remote machines. In summary, security measures distributed throughout a network are inadequate, challenging, costly and incomplete. on a single virtual or physical server. The shared environment increases the threat from viruses and malware imported to the server by other customers or from unauthorized access to data from wandering or dishonest users. 2. High cost of dedicated servers Dedicated resources are recognized as a solution to some cloud security risks and are offered by many large service providers. Unfortunately, providers charge up to five times more for a dedicated server environment eliminating this option for smaller companies. 3. Under-equipped service providers Smaller cloud and hosting providers do not have the capital or the human resources to build and maintain redundant systems, disaster recovery procedures, physical access controls and full network security. The result is often data security inferior to shared server or on-premise solutions

6 Advanced Cloud Data Security The Trapp Online Approach Above-and-beyond efforts to create second-to-none security features place Trapp Online s Advanced Cloud Data Security years ahead of other hosting providers. This dramatic lead in security comes from two directions: 1. Philosophy Company founder, David Trapp, built and managed an accounting firm for 20 years before starting Trapp Online. There s a security mind-set I developed from years of experience, a dedication to privacy and a commitment to reliability arising from my worst Current industry forecasters say the Cloud is headed in this direction but, the security measures developed by Trapp Online exist mostly in theory for other cloud providers. accounting fear, the inability to print paychecks with people waiting. This attitude has driven Trapp Online to build the most resilient and secure cloud environment possible, he explains. 2. Partners and consultants Trapp Online spent the funds necessary to acquire the services of the most qualified technical experts in cloud security, the best minds in their areas of specialization, both vendors and consultants. The result of their combined input a cloud security mind-meld is a solution that is years ahead of the industry

7 Trapp Online Standard Cloud Security Features The security features and benefits of Trapp Online s data center, listed below, represent current cloud best practices found in most large commercial data centers. Centralized Data and Application Storage a. Reduced exposure Data remains on the server at the data center. Data stored in a single location (with backup) reduces the surface area or number of potential threat access points. Trapp Online s cloud infrastructure is part of a larger private data center in Phoenix, Arizona. b. Centralized protection Security is concentrated at the server and optimized for that environment. c. Simplified remediation When weaknesses or new threats become known, corrective action is faster since it need not be adapted to multiple environments and machines. d. Backups Rolling seven-day, redundant backups of all data are performed automatically Secure Access to Data a. User authentication Individual login credentials are checked regardless of the location or device from which the data is accessed. b. Encryption - Website encryption with SSL certificates and RDP/RDC session 128-bit RC4 encryption c. User access controls Administrator/vendor and end-user permission levels - 7 -

8 Data Center Environmental controls The data center environment is maintained at a constant humidity and 72 degree set-point. Chillers and condensers are located in a secured exterior area. Standards Passed SSAE 16 Soc Type II and SAS 70 Type II audits; PCI Compliant; built to the standards of the banking industry Controlled access Man trap with turnstile, 2 factor authentication, key Redundant systems Redundant diverse fiber paths in network infrastructure, UPS and generator power backup with 24-hour fuel supply and stand-by contracts with local fuel suppliers, multiple Computer Room Air Conditioners (CRAC) units, card access 24/7, entry and exit logs, biometrics security, closed circuit monitoring with CCTV, 24x7 support staff and security operations center, alarms tied into campus, BMS, local police and fire departments Fire Suppression & Monitoring Multiple-zoned pre-action fire suppression system, Smoke alarms and sensors under floor panels and mounted in ceiling and in ceiling plenum Human Resources - Data center personnel are trained professionals. Physical protection Data center located below ground level in Phoenix, Arizona, a location considered to be safe from fire, flood, earthquake, hurricane, tornado and other natural disasters4. A disaster recovery plan protects data in case of an unlikely event

9 Trapp Online employs a unique combination of advanced security features not found at other commercial data centers. Dedicated Servers a. Data lockbox A dedicated server for each customer provides an extra layer of protection, like a safe deposit box within a bank vault. b. Isolated servers Customer s virtual servers5 are logically isolated. Other servers can t be accessed or even seen, creating an effective barrier to hackers and data theft. Risks like viruses don t bleed from one cloud customer to another. Isolated Network Network traffic for each customer is completely segregated from other data center users. Every client s data is transported in its own pipe. The best security technicians from Cisco, VMWare and NetApp were assembled by Trapp Online s security chief to create the Advanced Cloud Data Security architecture. The comprehensive, proprietary design is unfamiliar to outside companies and hackers, providing an extraordinary level of protection. Redundant Internet Trapp Online built an Internet mesh, or mix of four carriers for Internet reliability, including a failsafe wireless carrier accessed with a rooftop antenna. Cisco Flexpod A recent hardware upgrade from Cisco with data storage by NetApp makes Trapp Online a Cisco Flexpod cloud provider, a level of security achieved by less than one percent of U.S. data centers

10 Proactive Firewall Design a. Adaptive security appliance The Trapp Online firewall employs a Cisco Adaptive Security Appliance which is continuously monitoring evolving worldwide security threats and upgrading protective software in real time to combat them. b. Custom firewall settings Customers can customize their own firewall settings to adapt to unique requirements. Vendor Portal Single sign-on Administrators and accountants access multiple customer accounts with a single login and password, reducing password dissemination and increasing password control. Additional Layer of Physical Security Trapp Online s cloud infrastructure and servers are located in a locked, partitioned area within the larger data center, providing an additional layer of operational security by physically excluding data center visitors and technicians like a vault within a fort

11 Benefits of Advanced Cloud Data Security Enterprise-class security at an affordable price Trapp Online s Advanced Cloud Data Security features and unique data center architecture generate fewer problems and require less IT support than less secure environments. Trapp Online has invested substantial resources to create this exceptionally stable and reliable environment. The resulting operational efficiencies enable Trapp Online to offer dedicated servers at a shared server price affordable for small business. Big security for small business Data security is not just a concern of large corporations. A security breach of sensitive customer data in a small business puts the entire enterprise at risk. Trapp Online s Advanced Cloud Data Security makes sensitive data highly secure. The data center environment and extra security features are more effective than any security measures a small business could implement on its own. Additional non-security benefits of Advanced Cloud Data Security 1. Faster setup Integrating applications like QuickBooks and Salesforce is problematic in a shared server environment, often requiring a vetting process that can take up to a month. Dedicated servers remove the variables and interference from other customers applications that must be managed in a shared environment. With no application vetting process, setup can be accomplished in minutes instead of days or weeks. 2. Better integration Dedicated environments allow greater flexibility making application integration easier to accomplish and maintain. Integrations run more reliably in a stable environment. 3. Improved performance Less competition for resources means faster and more consistent response times. 4. Fewer problems Because each customer s environment is more stable, less IT maintenance is required. 5. Less downtime Each customer s stable, dedicated server environment does not change as other customers are added to or removed from the cloud. There s less handling and less to go wrong, which results in less downtime. 6. Less hassle Faster setup, improved performance, fewer problems and less downtime are good for business. Owners spend less time on the phone dealing with IT issues and more time focused on growing the enterprise. 7. No compromises Traditional cloud pricing requires you to pay more for a more secure environment, creating an uncomfortable trade-off between security and cost. Trapp Online s Advanced Cloud Data Security results in a more secure environment where costs to the customer are less. Business owners no longer need to decide between saving money and having more secure data. Trapp Online eliminates the trade-off by giving you both!