Cloud-hosted security is gaining in popularity as more organisations move to other cloud based services such as Microsoft Office 365.
This trend is also moving to physical systems such as access control and CCTV.
Cloud-hosted solutions enable organisations to scale their requirements up and down as required.
Accessing cloud-based services also allows small and medium-sized companies to access enterprise-grade solutions at an affordable cost.
What is Cloud-hosted security?
In practice, this means that the access control system is installed on a server owned by a third party.
The storage, network and servers are also owned and managed by that third party.
Multi-tenanted versus Dedicated Servers
In a multi-tenanted server environment, a single server will provide services to multiple organisations.
This enables the service provider to generate more revenue per physical server.
There are strict controls and design practices implemented as to who can manage and access each customer’s installation.
In a dedicated server environment, the service provider will still own the hardware and infrastructure, but only a single organisation can access the server.
This will be a more expensive option, it will reduce the risk of other organisations gaining access to another organisation’s system.
Service Provider and Server Considerations
It’s important to understand the architecture and protection of the hosting environment that’s being used for the server software.
There will always be a potential risk of operating with a system outside of the client organisation, which requires diligence when selecting suppliers.
Data encryption and strict logical access controls should also be in place to protect client data.
Controller Equipment Considerations
What will the controller be able to do if the network connectivity between the service provider and the site goes down?
Controller hardware deployed in a cloud-hosted solution should have its own local intelligence.
This means it should be able to operate without needing live communications with a server.
This will ensure that if the server or network goes down, your organisation is still protected.
Network and Communications Considerations
If the controller equipment is capable of running without network or server, the need to deploy highly resilient networks are lower.
If there are specific functions that require live connectivity for specific sites, this should be assessed based on risk and operational requirement.
When do we need high availability networks?
If the site remains secure and operational, but we do not need real-time logs and event information, a single communications link will be fine.
If real-time logs or communications with remote sites, or data communication for CCTV is required, high availability networks are needed.
High availability networks are generally made up of the following:
- Two separate communication lines between the critical site and the service provider
- Two different service providers (one per communication line)
- The physical communications media should also be routed in different locations on site.
While more expensive and complex to install, high availability networks ensure that a single issue with a communications link, service provider or works on site do not affect communications.
Question: Do you plan to move your security into the cloud?