Cloud services are infrastructure, platforms, or software that are hosted by third-party providers and made available to users through the internet.
Cloud services facilitate the flow of user data from front-end clients (e.g. users’ servers, tablets, desktops, laptops anything on the users’ ends), through the internet, to the provider’s systems, and back. Users can access cloud services with nothing more than a computer, operating system, and internet connectivity or virtual private network (VPN).
Cloud storage is a model of computer data storage in which the digital data is stored in logical pools, said to be on “the cloud”. The physical storage spans multiple servers (sometimes in multiple locations), and the physical environment is typically owned and managed by a hosting company. These cloud storage providers are responsible for keeping the data available and accessible, and the physical environment secured, protected, and running. People and organizations buy or lease storage capacity from the providers to store user, organization, or application data.
Cloud storage services may be accessed through a colocated cloud computing service, a web service application programming interface (API) or by applications that use the API, such as cloud desktop storage, a cloud storage gateway or Web-based content management systems.
Outsourcing data storage increases the attack surface area.
- When data has been distributed it is stored at more locations increasing the risk of unauthorized physical access to the data. For example, in cloud-based architecture, data is replicated and moved frequently so the risk of unauthorized data recovery increases dramatically. Such as in the case of disposal of old equipment, reuse of drives, reallocation of storage space. The manner that data is replicated depends on the service level a customer chooses and, on the service, provided. When encryption is in place it can ensure confidentiality. Crypto-shredding can be used when disposing of data (on a disk).
- The number of people with access to the data who could be compromised (e.g., bribed, or coerced) increases dramatically. A single company might have a small team of administrators, network engineers, and technicians, but a cloud storage company will have many customers and thousands of servers, therefore a much larger team of technical staff with physical and electronic access to almost all of the data at the entire facility or perhaps the entire company. Decryption keys that are kept by the service user, as opposed to the service provider, limit the access to data by service provider employees. As for sharing multiple data in the cloud with multiple users, a large number of keys has to be distributed to users via secure channels for decryption, also it has to be securely stored and managed by the users in their devices. Storing these keys requires rather expensive secure storage. To overcome that, key-aggregate cryptosystem can be used.
- It increases the number of networks over which the data travels. Instead of just a local area network (LAN) or storage area network (SAN), data stored on a cloud requires a WAN (wide area network) to connect them both.
- By sharing storage and networks with many other users/customers it is possible for other customers to access your data. Sometimes because of erroneous actions, faulty equipment, a bug and sometimes because of criminal intent. This risk applies to all types of storage and not only cloud storage. The risk of having data read during transmission can be mitigated through encryption technology. Encryption in transit protects data as it is being transmitted to and from the cloud service. Encryption at rest protects data that is stored at the service provider. Encrypting data in an on-premises cloud service on-ramp system can provide both kinds of encryption protection.
Performance for outsourced storage is likely to be lower than local storage, depending on how much a customer is willing to spend for WAN bandwidth
Reliability and availability depends on wide area network availability and on the level of precautions taken by the service provider. Reliability should be based on hardware as well as various algorithms used.
Its a given a multiplicity of data storage.
- Security of stored data and data in transit may be a concern when storing sensitive data at a cloud storage provider.
- Users with specific records-keeping requirements, such as public agencies that must retain electronic records according to statute, may encounter complications with using cloud computing and storage. For instance, the U.S. Department of Defense designated the Defense Information Systems Agency (DISA) to maintain a list of records management products that meet all of the records retention, personally identifiable information (PII), and security (Information Assurance; IA) requirements.
- Cloud storage is a rich resource for both hackers and national security agencies. Because the cloud holds data from many different users and organizations, hackers see it as a very valuable target.
- Piracy and copyright infringement may be enabled by sites that permit filesharing. For example, the CodexCloud ebook storage site has faced litigation from the owners of the intellectual property uploaded and shared there, as have the GrooveShark and YouTube sites it has been compared to.
- The legal aspect, from a regulatory compliance standpoint, is of concern when storing files domestically and especially internationally.
- The resources used to produce large data centers, especially those needed to power them, is causing nations to drastically increase their energy production. This is leads to further climate damaging implications.
A cloud archive is a service involving vendor storage of client data sets in the vendor’s own infrastructure. Like other cloud services, the cloud archive happens through the web data gets moved from on-premise, in-house systems to a cloud destination somewhere in the vendor’s network. A cloud archive with data retrieval capability is one of the most basic and fundamental cloud services that vendors provide in today’s technology.
A cloud archive can cut down on a company’s in-house costs. Companies that use the services are now familiar with the principle that by ordering vendor cloud storage, they can eliminate the high costs and other effort of buying and installing servers and disk space in their own business locations.
As cloud services have advanced, cloud archives and other options provide easy, on-demand, scalable services, and are becoming easier and easier to adopt. That’s leading a massive trend toward cloud adoption, including contracts for cloud archives and cloud storage. The agreements should contemplate when and how the data will be retrieved from the cloud archive, according to the business needs. In some cases, data retrieval will be rare in other cases, it may be more of a common requirement. Like other cloud services, a cloud archive can be documented through something called a service-level agreement that is upheld by a vendor and client.