Q: What's the difference between cloud and in-house servers?

There's a lot of information available online about the difference between cloud and in-house servers, so we'll keep it short and relevant for our audience. With an in-house server, you own the infrastructure and don't share it with anyone else. You (or more likely your IT vendor) is responsible for monitoring, updating and security patching the server to keep things running smoothly. Some of these activities may result in downtime and/or outages if not managed well. When it comes to disaster recovery with in-house servers the risk lies solely with the infrastructure.

When you choose cloud services you will be sharing space with other customers on a network of servers. The cloud vendor (e.g. Microsoft) looks after and maintains the system and wears the cost of bandwidth, hardware and service development. Because so many customers use the system, the initial investment to join is almost zero. A cloud network is extremely reliable because it is made up of multiple data centres. If there is an issue then the workload is distributed among the remaining data centres, and in most cases users will not even be aware this has happened.

Q: Are cloud services less secure than in-house servers?

Cloud services can, in fact, be more secure than in-house servers given that critical security patches are deployed in real-time and with lightning efficiency. But both in-house servers and cloud have security risks that need to be managed - they are just different risks. When moving to cloud services, users will be using the internet to access their organisation's data. As well as firewalls being even more essential than ever, user sign-in credentials present a new opportunity for security breaches. Security features like multi-factor authentication, conditional access and password management become key tools against this new type of risk. And more than ever, user education also becomes an important defensive strategy.