fbpx
Die Cloud und Sicherheit symbolisch dargestellt

Endless Space – How Safe is the Cloud?

The cloud: endless space. It’s the year 2019. These are the adventures of companies with 400 servers, who are 5 years into their quest for external cloud solutions that promise new opportunities and renewed efficiency. Many light years removed from other users, these companies are venturing into cloud applications that are yet to be explored.1

The Triumph of the Cloud

cloud computing has gained a lot of ground over the past few years, and it is growing steadily. More and more new applications are arriving on the market, expanding the opportunities the Internet can offer its users. Companies are increasingly adopting decentralized approaches to work. Remote work is the new normal. In the meantime, cloud applications have been integrated in nearly every company’s work processes. Even this text originated in the cloud.

We constantly field this question: “Why do you rely on the cloud for Virtual Reality applications instead of your clients’ own internal servers?” The reason people ask this is because they have concerns about security. Because employees still believe that their company’s own servers offer stronger data protection. But is that really the case?

In this article, we’ll present different server solutions, explain why be believe in using a mix, and why we ended up choosing the cloud when it comes to Virtual Reality. We’ll also shine some light on the topic of security.

Cloud Computing

cloud Computing refers to the relocation of processing power, storage, and digital infrastructure from several small computing units, clients, or end devices in favor of centralized server farms. Users can connect to the servers using public Internet or a private Intranet. In fact, everybody uses cloud services, in both their professional and private lives. Every SMS or E-mail we send lands in a server somewhere. Even telephone communication data is secured on the telephone service providers’ servers, which is what enables them to bill you.

But What is a Server?

Servers are computers that have enough storage space or processing capacity to store data or accommodate computing processes which you outsource from your computer to the server. Servers are also called Hosts. The term Client refers to all the devices that can access the host to receive processing power, sorts, assignments, and data.  

Generally, when people talk about a “cloud”, they’re referring to a “public cloud.” In these cases, the cloud is integrated into a public network and consists of at least one server. There are also other types of clouds though.

Public Cloud

In a public cloud, clients use the public Internet to connect to a server infrastructure made available by a provider. This means that instead of purchasing their own hardware, users only pay for the units they use. The service provider also ensures security by mirroring data several times and protecting server farms from cyber-attacks.

Private Cloud

private clouds are accessed via internal company Intranets or a VPN Tunnel (Virtual private Network). A company’s employees usually refer to this as their “server.” Data is exchanged exclusively within the network, and this network can’t be accessed by the public. However, private clouds must also be adequately secured in order to prevent potential cyber-attacks.

Hybrid Cloud

A hybrid cloud can be accessed for both private and public applications. The server structure is tailored to fit the company’s individual needs.

Multi Cloud

The multi cloud refers to a mix of different cloud models. With regards to Edge Technology, a relatively new innovation which allows devices to communicate among each other directly, different data streams must be coordinated.

Public Cloud or Private Cloud – Which Is Better?

Setting up an internal server and deploying it for the company’s internal network generally is faster and reduces data transfer latency. This also makes it easier to tailor server hardware and software to your company’s own needs, since you’re not dependent on a service provider’s structure. Your data will also still be available if the Internet malfunctions. However, it will not be protected from power outages, fires, or floods. The company must make its own precautions for these occurrences.

Major cloud providers like IBM, AWS, or Deutsche Telekom kind of have home advantage here, since data security as well as the protection and maintenance of server infrastructure are core components of their business models. Data is mirrored several times, so that it can be restored even in the worst-case scenario. As a client, you pay a usage fee that covers the cost of the hardware, the physical location, and maintenance.

Many Roads Lead to Your Destination – the Server Mix

Sometimes, the most efficient and sensible way to deploy servers doesn’t have to be a binary choice. Instead, it requires a mix of servers that is tailored to suit the company’s requirements. These days, there are software solutions that are only offered on the public cloud. Meanwhile, there are still numerous applications that run on internal company servers. Internal servers can be connected to a service provider’s server infrastructure, for example to alleviate peak loads. This solution can also prevent server outages. In this way, the advantages of an internal server (control and access to all levels of the system) can be combined with the advantages of the public cloud (flexibility and low administrative efforts).

Security and the Cloud

Most servers are connected to the Internet, since this multitude of servers is what makes the Internet possible in the first place. Hackers can take advantage two major weak points here. First: the system itself, and second: the people. As a result, data security isn’t just about implementing technical measures, it should also mean empowering a company’s employees.

How Vulnerable is Web-Based Technology?

The major cloud providers’ servers are probably better protected than most servers in small and mid-sized companies. After all, a cyber-attack would seriously undermine a cloud service provider’s core business operations. On the other hand, since cloud providers manage such a large volume of data, they’re also attractive targets. That’s why they make massive investments in securing their infrastructure. The cloud servers of major cloud service providers are therefore considered the most secure servers around.

Large companies can also be attractive targets for hackers, depending on their expertise and innovative capacity. That’s why you should be continuously strengthening your own security measures. These days, machine learning is also implemented to discover deviations in the system, since hacks can often otherwise go undetected.

How Individuals Can Contribute to Security

Hackers see themselves as creating new doorways into a system. Blocking their way only goads them on. Their intelligence, instincts, perseverance, and ambition allows them to uncover paths that others don’t see. Normally, these would be positive personality traits – it just depends what you use them for. Hackers who are hired by an organization to identify gaps in security are called White Hats. Their malicious counterparts are known as Black Hats. These hackers hack for personal gain, for example by illicitly obtaining personal data.

User accounts are easy targets. Potential gateways include USB sticks that are carelessly left lying around, phishing mails, or dubious calls in which hackers pose as cell phone service providers and asking for user data. Organized hacker networks are also no strangers to blackmailing. Their preferred targets include people with access to crucial points in their server infrastructure. That person is a vulnerability for the system, since people can be easily manipulated. The fact that the lines between our personal and professional lives continue to blur, for example through social media, isn’t necessarily an advantage for companies.

Employees’ lack of safety awareness makes things easy for hackers. Companies are well advised to invest in employee training ont the subject of data security. This starts with safely handling passwords, and also includes often-overlooked details like locking client computers when stepping away from your desk, as well as cunning phishing attempts which even professionals often fail to recognize as such at first glance.

The Cloud’s Opportunities and Risks

There are no simple answers in a complex and fast-moving field like digitalization. Opportunities and risks must be constantly re-evaluated and balanced against each other. The cloud offers companies flexibility, agility, and savings potentials. If their employees are spread out over several locations, or work from home, there’s no way to avoid an open server structure. Raising awareness about data security among users must be part of the plan.

There are also server structures that are completely shielded from the outside world. They can be deployed for highly sensitive applications, like managing a nuclear power plant. Today, many server structures are more or less open, however. The last question regards who is responsible for data security: your own IT team or a large cloud service provider.

How Does WeAre Use the Cloud?

Communication through Virtual Reality would be inconceivable without a cloud. The question is whether to use a private or public cloud. Data synchronization plays an important role in Virtual Reality meetings, since all the users must be able to view the VR environment and the objects displayed at the same time. All connected clients receive this data from the cloud, which is the only way to ensure synchronization and smooth communication. To this end, we work with two renowned cloud service providers: AWS (Amazon) and Open Telekom cloud (Deutsche Telekom). Both companies’ servers are located in Germany, so they are subject to German security standards as well as the GDPR. This solution allows us to offer the best user experience, while also allowing our clients to involve their external business partners in decision-making processes.

1) Based on: Star Trek, Starship Enterprise, USA 1965–1969

Sources:

Article: Cloud Computing. Wikipedia
Article: German Companies Lag Behind (Deutsche Unternehmen hinken hinterher). Comuterwoche
Article: Cyber Attacks on Factories and Plants (Cyberattacken auf Fabriken und Anlagen). Deutschlandfunk
Article: Cloud- versus Edge-Computing. Funkschau
Article: Top 15 Hacks: the Biggest Cyber Attacks on Companies (Hacking-Top-15, Die größten Cyberangriffe auf Unternehmen). Computerwoche
Podcast: IDG TECHtalk DE
Article: What are the Existing cloud Models? (Welche cloud Modelle gibt es?) Telekom
Article: Perfect Tandem (Perfektes Tandem): Edge Computing and public cloud. Telekom
Article: S/4 – cloud or not cloud, that is the Question (S/4 – cloud oder nicht cloud, das ist hier eine der Fragen). E-3 Magazin
Book: Gerald Münzl / Michael Pauly / Martin Reti (2015):cloud Computing as the New Challenge for Management and IT (cloud Computing als neue Herausforderung für Management und IT). Springer-Verlag, Berlin Heidelberg.
Advising: Thank you to Felix Benneker for his expertise on the subject.

written by
Bernhard Schaefermeyer & David Frühauf
Bernhard was responsible for the research, the editorial work, and the rough draft. David transferred the text into the final version. (Translation: TextMaster)

You want to know more about collaboration in virtual reality?