Understanding Risk in the Cloud

Professional stuntmen analyse exactly what they are doing before they do it, assess their risk and make all the necessary adjustments to ensure that they emerge unscathed.

If you are about to take your first steps into a cloud environment, you will no doubt also be assessing how this affects your risk exposure. Is it increased, decreased or just different?

The assumption that you are simply swapping an on-premises data centre for someone else’s data centre (in the cloud), will immediately lead you down the wrong rabbit hole. This is something risk managers and security officers need to understand, at least at a high level.

Resilience within cloud technology has been developed specifically on the premise that everything must fail sooner or later. That means that when we build our customer networks, individual components are designed to fail over, scale out or scale up, or be replaced by synchronised copies of your systems.

Our customer networks are built-in Amazon’s EU and UK Availability Zones (AZ), each being one or more discrete data centres with redundant power and networking. All AZs in an AWS region are interconnected with high-bandwidth, fully redundant, dedicated metro fibre, allowing synchronous replication between them. We ensure multiple copies of your data are held in physically separated AZs, separated by a “meaningful” distance, usually within 100 kilometres of each other, which means you benefit from more highly available, fault-tolerant, and scalable systems than would be possible from a single data centre.

What if AWS “goes down”? Amazon’s environment is not a single monolithic entity and to date, AWS has never suffered a full regional failure or a global outage. Risk Managers and IT Managers performing due diligence should work with their provider to gain an understanding of the fault-tolerance within each system, and the various mechanisms for fault tolerance between systems, from the server component level up to data centre level.

Risk Managers unfamiliar with the cloud may look to Multicloud scenarios for resilience. This literally means a multi environment failover that requires you maintain full portability between two providers. This is a massive burden in terms of cost and effort required to deal with different network architectures, different storage capabilities, different security capabilities; and don’t forget that both systems will need to be monitored. All of this potentially reduces the time that you should be using to fully utilise the resiliency already available.

To conclude; our customer networks are built with availability, performance, and disaster recovery at their core. We define this as the capability to recover when stressed by load, subject to an attack, (either accidental or deliberate), or failure of a component. We take advantage of the numerous tools that AWS provides to achieve this, and we build networks to address your specific requirements.

Contact us to discuss how you can take advantage of the cloud and manage your risk.