Share on LinkedInTweet about this on TwitterShare on FacebookEmail this to someonePin on Pinterest
Read on Mobile

Build Your Cloud Storage Strategy with These 6 Security Fundamentals

cloud storage

Cloud-based data storage is critical for applications to behave as expected. It’s also a common source of security vulnerabilities—data is the target of many hacks and unsecured data can be vulnerable to both internal and external hacks.

One of the advantages of the cloud is the ability to choose the type of storage that is best suited to your application’s specific needs, rather than making your application work with whatever storage option a storage admin had available. However, making efficient use of the storage options requires understanding the advantages and disadvantages of each type of storage. It’s also essential to consider storage provisioning an integral part of the application development process, rather than as an afterthought.

Storage is also often the least-portable part of an application, so if you follow a multi-cloud or hybrid cloud strategy—or simply want to avoid vendor lock-in—storage is a critical part of that strategy.

There are also storage-related operational challenges. Storage, unlike compute, degrades over time. Data storage ultimately is connected to a physical appliance, and as it is written and rewritten its capacity degrades. There can also be physical contaminants that cause data degradation. If you’re running a dynamic, containerized application in which clusters detach and reattach from storage resources, every attachment and detachment point is an opportunity for something to go wrong. A data storage strategy isn’t something that can be handled once and then ignored—storage resources need to be continuously monitored for cost-effectiveness, performance, and security vulnerabilities.

AWS vs Azure vs Google Cloud: Know Your Storage Options

AWS offers Amazon Simple Storage Service (Amazon S3) for object storage, Amazon Elastic Block Store (Amazon EBS) for block storage, Amazon Elastic File System (Amazon EFS) for file storage as well as disaster recovery, archive, and backup storage services. On Microsoft Azure, object storage is called Blob Storage, while block storage is called Azure Disk Storage. Azure Files provides file storage, and Azure likewise has separate storage options for archives, backups, and disaster recovery that assume the storage won’t be accessed frequently.

Whether you’re using AWS, Azure, or Google Cloud, the advantages and drawbacks to each type of storage are similar. File storage operates like the digital version of a file cabinet, in the same way, you store documents on your personal computer—organized in a logical hierarchy. File storage can handle just about any type of data and is easy to navigate, but difficult to scale.

Block storage chops data into blocks, and spreads those blocks strategically around multiple environments. When needed, the data blocks are identified by a unique identifier and reassembled. Block storage can be expensive and can only be connected to one instance at a time. Cloud vendors often offer block storage in HDD (Hard Disk Drives) and SSD (Solid State Disks) depending on throughput requirements.

With Object storage, the data is stored as ‘objects’ and multiple servers and clients can connect to the same object storage container, using its web address. Object storage can handle detailed metadata and it scales easily, especially in the cloud, making it cost-effective. However, objects can not be modified, which means object storage is not a good fit in situations where data will need to be adjusted/rewritten frequently. It also doesn’t work well with traditional databases. You could use object storage to host a static website, but any time you need to change the contents, you upload a replacement version, similar to using an FTP (File Transfer Protocol) server.

There are also many vendors who offer software-defined storage options that add a layer of abstraction between the cloud provider’s native storage and compute. Using a software-defined storage layer is often necessary to make data storage portable between cloud providers and attain operational control over data storage.

Read more…

Business Challenge:We've curated the most common business challenges Designing a secure cloud architecture
Stage:We've split the research process into 3 tasks Identify Problems and Requirements Building

Latest Additions

Get our Newsletter

Curated research and insights straight into your inbox.

(twice monthly)

We will collect, use and protect your data in accordance with our privacy policy