GIS isn't the first industry to make an exodus to the cloud, and it certainly won't be the last, but it does have some unique considerations for local governments evaluating the jump to cloud GIS.
A primary concern for any local government when evaluating cloud GIS is security.
Hosting your own web mapping system on a server within your office just feels more secure: there is a physical box that you can see and touch and, for the most part, you know exactly who has access and for what purpose.
But is a locally hosted server really more secure than a cloud-based solution?
To answer this question we must first understand the main risks and attack vectors at the disposal of individuals with malicious intent.
There are two sides to server security: the first is physical security and the second is digital security.
Physical security is about securing the physical machine, and digital security is about controlling remote access to the machine.
Physical Security
Let's start by looking a little deeper at physical security. Physical risks can come from individuals with physical access to the machine, but also from hazards such as fire, flood, lightning strikes or even earthquakes.
When it comes to the human element, at first glance it might be easy to assume that self-hosting offers a higher degree of physical security, but is that really the case?
Having a box humming away in the next room feels comforting because we can see who comes and goes, but is someone watching that machine 24/7? The physical security procedures in place for locally hosted servers in local government offices tend to be basic and not systemized.
Take a moment and consider how many people have had physical access to your locally hosted servers.
Your list probably includes you and your staff, but with a little more thought it also includes the cleaning staff, the site maintenance manager, his staff and likely third-party contractors such as builders or pest control.
How many of these people have been vetted? Vetting might sound extreme, but this level of security is standard practice for the big players in the cloud server industry.
The biggest player in the cloud server space is Amazon. They were one of the first movers and used their pedigree in maintaining a massive global internet infrastructure to deliver a global cloud server network named AWS (Amazon Web Services) that powers half of the internet.
Amazon's cloud servers are rented by Netflix and NASA and everyone in between. Literally thousands of household names entrust a mission-critical part of their operation (their online presence) to Amazon.
So what levels of security do you think are demanded from Amazon by Fortune 500 companies such as Capital One or GE?
Let's take a look at the highlight reel of physical security measures in play at all of Amazon's numerous global AWS data centers:
- Background checks for all staff with physical/network access
- Review of staff credentials every 90 days
- Full audit log of all interactions with the servers
- Access Control/Intrusion Detection and CCTV Surveillance
- Fire detection and suppression
- Climate and temperature control
- Uninterrupted power supply systems and backup generators for the entire facility
The list goes on, but if you would like to geek out you can download a detailed whitepaper from Amazon that covers all aspects of their security practices.
Although local government offices strive for a high level of server security, the reality is that most branches of local government can't feasibly implement and maintain such a standard, and understandably so.
Digital Security
Although physical security is important, it is not the main attack vector; the vast majority of all server security incidents are the result of remote attacks.
The Hollywood version of a cyber attack is a young computer wizard sitting in a dark room punching incomprehensible commands into a terminal on his computer as he skillfully bypasses layer after layer of security.
The reality isn't anywhere near as difficult or exciting. Almost all cyber attacks are in fact automated.
They work either by scanning IP addresses and computer ports that are accessible from the internet or by crawling websites looking for vulnerabilities.
These vulnerabilities are almost always known issues for which your operating system and software providers have released patches. A patch is an update to the software that fixes the vulnerability.
A patch is a super easy fix provided it has been installed. But there can literally be hundreds or even possibly thousands of software packages, libraries, and utilities running on a local government office network.
For IT support, staying on top of these patches daily would be a full-time job, and one which will never make as much 'noise' as an unstable office internet connection or the broken keyboard of the boss of your boss.
For cloud service providers, technology is their bread and butter, and service stability is their reputation. Therefore you can be sure that they have more than enough resources to stay on top of security patches and network security.
Once again let's take a look at Amazon and some of the processes they have in place:
- Secure Network Architecture / Secure Access Points
- Corporate Segregation (servers on a different physical network to staff)
- Fault Tolerant Design (one system goes down, a replacement goes up)
- Network Monitoring and Protection
Still not convinced? Amazon has been compliance audited for the following external compliance standards:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
- SOC 2
- SOC 3
- FISMA, DIACAP, and FedRAMP
- DOD CSM Levels 1-5
- PCI DSS Level 1
- ISO 9001 / ISO 27001
- ITAR
- FIPS 140-2
- MTCS Level 3
But What About the Cloud GIS Providers Themselves?
You now have a good overview of how stringent the security practices are for Amazon, the leader in the cloud server space. But what about the cloud service companies that use Amazon's servers: how secure are they?
I'm well qualified to answer this question as the CEO of Mango, a company that provides a cloud GIS system used by local government around the world.
At Mango we use Amazon AWS for all of our servers and I'm sure by now you have established that I'm a fan.
Mango gets to stand on the shoulders of giants: we directly benefit from all of the underlying best-in-class security practices that Amazon has in place.
Having Amazon take care of infrastructure security means that we can focus on our core mission of delivering to you the world's most user-friendly web GIS system.
But that said, Amazon doesn't cover everything. It's still our job to secure our software that's running on Amazon's servers and ensure security and stability for our users.
We take security very, very seriously. And in addition to the security net provided by Amazon AWS we also have the following processes in place:
Transmission Security
All server requests to Mango are sent and received via SSL (Secure Sockets Layer), which uses 256-bit encryption validated by GeoTrust.
Rolling Backups
We take a snapshot of our servers daily and keep each snapshot for seven days. A snapshot isn't just a data backup. It's a complete copy of the server including the operating system and all data.
This means in the unlikely event of a critical failure we can instantly bring a complete copy of the server online.
Automatic Failover
All of our core servers have a failover server in place. These are servers that are constantly standing by to take the place of any servers that run into problems such as a hardware failure or crash.
The second our monitors detect a problem, the server in question is swapped out and replaced by its failover.
24/7 Server Monitoring and Alarm Systems
All of our servers are monitored 24/7/365. It doesn't matter if it's 3am on Sunday morning or Christmas Day: the moment a server experiences problems, alarms are activated on the cellphones of our on-call technicians.
Map Data Storage
All map data uploaded to Mango is not stored in its native format. It is converted into an intermediary format that cannot be opened or read by desktop GIS packages.
Data uploaded to Mango is not accessible to or shared with any third parties, and when you delete a dataset from your account, it is completely deleted from our servers and not stored for any kind of future use.
Summary
To sum things up, security isn't something that is compromised when making the transition to the cloud; in 99.9% of cases it's a massive benefit. We are the ones diligently watching the servers around the clock so that you don't have to.
If you are in the process of evaluating a move to a cloud GIS system such as Mango, I encourage you to share this article with your colleagues. You will have your own unique security requirements and concerns, but this article provides a great starting point for those discussions.