So you’ve decided to move your information to the “cloud,” i.e., storing and accessing data and applications from your desktop, laptop, kiosk, tablet, smartphone, or other device of choice – all done via an Internet connection. Next, you need to determine which type of cloud-based system – public or private – is best for you. Finally, choose a trustworthy cloud provider. Here’s some information on how to pick your cloud type and provider.
Public Cloud vs. Private Cloud
A public cloud is one where the services provided are open for public use and generally accessible with any internet connection. A private cloud is usually built to serve only the users associated with a single organization or group. A private cloud has many of the same characteristics of a public cloud but there is a lot more security associated with accessing resources, including firewalls and other secured connectivity. The firewall can either be a software program running on a server, or an actual piece of hardware, that analyzes incoming and outgoing network traffic to control who should be allowed access, based on predetermined criteria. Access to the private cloud requires proper credentials (e.g. User ID, passcode, special key number, etc.) to get past the firewall. A private cloud blocks any traffic that does not meet the access criteria.
Also private cloud hardware is often dedicated to supporting only that particular private cloud and not shared with other applications or users. Physical and logical separation of information is in place to ensure that the data is not only secure from the outside, but also from each other.
A private cloud may utilize a secure network connection rather than the Internet. This adds another level of security that excludes public access to the private cloud. Though it may be a more costly approach, if security is a major concern the added expense may be cost-justified.
Now it’s time to pick the right type of cloud – and provider – to fit your needs. Here’s how:
- Thoroughly define your security needs. Which type of cloud better fits the requirements you need to maintain business-critical continuity/disaster recovery protocols for the health care industry? You need to ensure that your data will be both safe and accessible. By defining your security policy for each application you can clearly state the requirements for creating and maintaining a secure cloud environment.
- Don’t discard your IT Service Management (ITSM) strategy. An ITSM strategy defines your process around IT delivery including cloud environment policies and procedures, change/support management of your overall infrastructure, and both on-premises and off-site management of your data center applications.
- Put your potential cloud provider through their paces. The organization you entrust with your important data and integral cloud services must themselves be trustworthy. Do your homework regarding their physical data center and its security parameters, the network through which your data will flow, and how the provider complies with the numerous legal health care data requirements in existence.
