PROS & CONS OF CLOUD HOSTING VS IN-HOUSE SERVER





What is Cloud Hosting?


When it comes to deciding which server is best for your company, there is a huge amount of information to evaluate. The first consideration is how critical uptime is to your company. Businesses that aren’t dependent on uptime are often more suited to in-house servers than businesses that rely on online transactions.


There are two primary options for hosting data for businesses which are in-house servers and cloud-based servers. In-house server is a server that is stored and maintained in your physical office space. Therefore, there is no need for an internet connection to access your data. You have physical control over your backup at all times. Meanwhile, A cloud-based server is located online, with all operations performed over a secure internet connection. Rather than requiring physical in-house equipment, cloud servers are accessed remotely from a service provider.





Advantages and Disadvantages of Cloud Hosting and In-house Server


Let’s draw a comparison between them, which will help you make the right IT platform for your business.


An in-house server can be beneficial for many reasons. First, it keeps all critical and sensitive information at your fingertips and away from third parties. Since both equipment and software are in-house, the company can determine who has access, when information can be disclosed, and how to adjust security and privacy policies based on what they are doing. This option can also be more cost-effective for small to mid-sized businesses. Whereby, it may be cheaper for businesses that aren’t concerned about uptime. Apart from that, companies may be able to make changes without having to wait on an external company, to the extent that technology is maintained by well-trained, on-site staff. Agencies may also have more flexibility over customizing certain features.



However, In-house servers have a few downsides as well. Companies will need to hire IT staff or an external IT consultant to maintain and update equipment and software including servers, networks, databases and back-up devices. If an outside vendor, consultant or volunteer maintains these systems, policies and procedures should be in place to protect sensitive data, clearly communicate expectations and spell out consequences for data breach.





Besides that, companies still need to ensure that they have policies and infrastructure in place to secure sensitive data. In-house server setup may lack the IT security measures that are necessary to counter the prevalent IT threats. Policies should include access levels, user passwords, and retention and destruction guidelines. Infrastructure includes servers, networks, back-up devices, and software updates to maintain databases and protection against breaches and malware.


Lastly, In-house servers also require a substantial investment in infrastructure and hardware. Additionally, you will need physical space to store your server, such as a closet or rack. In-house servers can potentially be more vulnerable in disaster situations. In order to protect your data, it must be moved off site routinely.



With cloud-based servers, you can eliminate capital expenses. Storage can be added on the cloud whenever necessary; therefore, you only pay for what you need. In addition, your data is stored securely, but can be accessed by team members from any location on any device at any time. Data can be backed up every few minutes, effectively minimizing catastrophic loss in the event of a disaster.


In contrast, the cost of data recovery could overshadow the advantages for businesses that are not dependent on instant recovery. In general, cloud-based companies will have basic security in place to protect the data they are storing. The level of security will differ depending on the type of service; some services may have stronger security than others. Even major cloud-based companies have experienced breaches and hacks, however. Additionally, if the internet goes down, you will not have access to your information until it goes back up. Of course, your business may have a limit to how much data can be stored in the cloud due to cost and space availability. You can compare the cost of several small business and NAS setups in this blog post by Cloudwards.





As for the cons for cloud-based servers, it is a time-consuming data recovery. While the cloud makes data backup easy, restoring large amounts of data can take a lot of time even with a fast internet connection.


Cloud-based companies store data created by the agency and most can also access that information. This can be extremely problematic, particularly when the data contains survivors’ personally identifying information (PII). Advocacy agencies must look at the degree to which the cloud-based service is secure, how the company might purposely or inadvertently share data, and how much control the agency has over access to and retention of its own data.



Many cloud-bases companies don’t actually own the servers where the data is being stored, but rather contract with yet another company for the data storage and that company may have different policies and practices around security and access. These companies may state that their employees are not allowed to access customer data, but that doesn’t mean that they can’t access it. While this access could be necessary as part of their business practices or for maintenance purposes, the ability of a third-party such as the cloud-based company or its employees to access any PII about survivors would be a violation of federal confidentiality laws.


As an added protection, some cloud-based companies, such as EmpowerDB, offer what is called “Zero Knowledge Encryption,” which means that the company has zero knowledge of or access to the agency’s data. With zero knowledge systems, the agency retains complete control over the data by maintaining the encryption key to its own data.


Even if they can’t access the sensitive data itself, cloud-based companies may collect information such as usage, user accounts, and IP addresses and share this information with affiliates and other third parties, such as advertisers. Advocacy agencies that are considering using cloud-based services need to be aware of all the ways in which cloud-based companies may access and share their data.





Which Type of Cloud Provider to Choose?


In a nutshell, the first and foremost factor when considering whether to use a cloud-based service is the extent that the privacy and security of sensitive data can be maintained. This is particularly important for domestic violence and sexual assault agencies that have to meet federal confidentiality obligations. Regardless of what you choose, it’s important to equip and train your staff with the information and security tools to help them keep their systems, accounts, and your business secure in this digital era.



STAY CONNECTED