Some people are concerned that they will lose control over their data when the service gets “managed.” Who controls your data? Who has access to your data? How secure is your data? In large part, that depends on which service you use.
Managed data vs. service
When an organization uses a managed service, the questions of concern are:
- Where is the data stored?
- Who has valid access to it?
- Who has inappropriate access to it?
In the case of some types of managed services, the data is indeed stored outside your facilities. Companies such as Salesforce host your data on their servers. For the purpose of this discussion, the benefit of this centralized storage is that anyone with a browser can access your data with proper authentication credentials. That’s the concern, isn’t it? Who has access to your data?
Questions to ask in considering this type of managed service are:
- Who has (or can fake) the proper credentials to gain access to your data?
- What steps is the vendor taking to ensure your data is only accessed by authorized personnel?
- Where is the audit trail on access to the data and how secure is that?
For the managed service provider to be successful (and Salesforce is), it has to answer these questions successfully for every customer. In fact, the data stored at a successful managed service provider is probably more protected than the data centers of the vast majority of their customers. At some point, the potential customer realizes that the weak link is not the managed service provider but the personnel using the service, just as with data stored in-house.
Data backup service
In the case of on-line backups (Internet vaulting), the data store is an off-site backup of the live data at the customer’s facility. The data is usually compressed and encrypted with two 128-bit public/private keys: the customer’s and the vendor’s. The data vault vendor typically does not even have the customer’s keys. Retrieval of the data without both key pairs is virtually impossible, which is secure enough for the business to feel comfortable. Like the live data stored by a managed service provider, this data must be stored in a redundant set of servers across secure facilities with the data mirrored among servers and facilities.
One of the minor tragedies (compared to the loss of life and property) of 9/11 is that some companies thought that “off-site data storage” meant they could store the data in the “other” tower. The thought that both towers could go down was inconceivable. Now, many specifications for data vaulting require that the data center must be at least 100 miles away from the client and at least 100 miles away from any other data center. <shameless plug>The data centers used by Webroot’s Email Security and Archiving Service are on different continents. </shameless plug>
Data archiving service
The term data or email archiving applies to data or email that is not designed to be restored to replace a failed data storage device on site. Instead, the data is in a database which, while searchable, is not restorable. This service is most often done for regulatory compliance. As above, the data must be highly secure and stored in mirrored and redundant storage sites.
Data management/processing service
In this instance, data is not stored permanently at the SaaS supplier’s facility but is processed and passed. Email security is an obvious example. Email is cleansed and forwarded to the email server; not stored permanently. There is no less need for data security in these instances than when data resides in the centralized data center.
So, who controls the data? If the data is permanently stored at a data center, both you and the data center do, but with very different kinds of control. You control the data; the data center controls the physical equipment and infrastructure holding your data. These data centers live or die on the security they provide for the customer’s data. I know of data centers that have concentric rings of secure physical access to the server farm:
- ID checking against an authorized list for access to the building
- Pass key or tokens beyond the lobby (with an escort for visitors)
- Fingerprint or palm scanning to get into the data center
- Retinal scanning to gain access to the server farm itself
Talk about a scene from “Mission Impossible”!
The idea is to give the client the comfortable feeling that the data center is unassailable. To gain access to the data, you would still have to have valid authentication to a company’s data. It’s a lot easier to gain access to data via a browser from outside. Which is more likely to be the cause of a data security leak? The customer. Just like data in your data center.
So, we come back to the question of access and control. An excellent data center can give you an SLA on security, but the easier road to access is to look under a user’s keyboard for a sticky note with their password! As we say at SaaSexperts.net, your data is, “Outside your network but not outside your control.”©
What do you think? What is your concern over control regarding a managed service? What’s your experience with SaaS?
Next Post – We’ll discuss When to use a Managed Service for Email Security in the next SaaSthought. Stay tuned.