You’ve got questions, we’ve got answers.
Cloud Services
I have migrated all services from my local on-premises server to Office 365, turned off and disposed of my local server. I now access my data via secure HTTPS connections to Microsoft services. Do I still need a firewall for the company network?
CTP does recommend that all businesses operate behind a firewall, for these reasons:
- Protection – a firewall protects all network resources from inbound Internet connections and from attempts to gain control of established connections. This includes computers, and also any other IP based devices – the Internet of Things, IoT.
- Security services – most firewalls provide inspection of all traffic, looking for a range of problems – viruses or other malware, transmission to known compromised Internet addresses, possibly disallowing traffic from known high risk countries or locations, blocking access to known compromised web sites, and more.
- Throughput – as part of the process of migrating resources from a local server to cloud hosting, attention should be given to the Internet connection. It has become commonplace for business class connections to provide 100Mbps service and faster. It follows that the firewall protecting the local network should be able to support that bandwidth, rather than serving as a bottleneck at significantly lower bandwidth. And this measure of throughput should take into account the impact of security services on data throughput.
- Availability – having data cloud based will not help in the event that company Internet service is down. Granted, employees can work from another location. However, firewalls can generally receive connections from two or more Internet Service Providers (ISPs), such that Internet service remains available in the event that either of the ISPs goes down.
- Other security services may be available – for instance decryption of TLS connections for inspection, and restriction of web sites by content type.
1) Shared server resources
2) High availability managed in the datacenter
3) No responsibility for hardware refreshes
CTP Cloud offers a backup as an option, allowing for restore of individual files or folders from a point in time. You may elect to use an alternate backup solution. All servers are replicated within the data center, as part of the basic service availability requirement, but this should not be considered a backup solution.
CTP Cloud is a Boston company, with datacenters in the Boston area – only. We are local, with local people and local resources.
One reason companies have justified an on-premises server is local performance – no one wants to have time to go find a cup of coffee while waiting for a file to open!
Performance will always be faster for the on-premises server – and yet many of the perceptions of local vs hosted services (LAN (Local Area Network) versus WAN (Wide Area Network)) come from days when a fast ISP (Internet Service Provider) connection was 1.5Mbps (a T1 line), and often was much less. Today a typical business Internet connection is 100Mbps – the speed of the LAN not so long ago.
The question is not really fair – “is cloud service slower” – on a technical level, of course service will be slower working over the Internet. A different question might be whether performance accessing documents and information over the Internet is acceptable, or whether it is slowing down employee productivity. One perspective is that satellite offices of large companies have been operating over the WAN for many years – larger companies typically have a central data center, and do not place servers in satellite offices.
Discussion of network performance often centers around bandwidth. Just as important is latency – the time required for data to be received after placing the request. Years ago latency was typically in the 80 msec (millisecond) range – today it is generally below 14 msec. This can be the difference between waiting an inordinately long time to open or print a document, and having that operation complete in a moment's time.
The short answer is that performance of cloud service has been found to be excellent and highly workable for most companies over a number of years.
Where performance falls below acceptable, there are generally good options in the Boston area, including high speed fiber, coax and microwave.
With a smile!
Truly – for the needs of most small businesses, Office 365 services, including Azure AD (Active Directory), can provide all of the network services that have been provided traditionally by the on-premises office server.
There are office applications that are well known to not work well over the Internet or other WAN. Accounting programs are a widely used example. The transition by software companies to SaaS hosted solutions is widespread – it is highly likely that any software package that your company is currently using is now available as a cloud hosted service.
That leaves the networking services – DNS for name resolution, DHCP for automatic network configuration of computers attached to the network. Both of these services can be provided by the local Internet router or firewall present on the company network.
It follows, then, that the old on-premises server can be tossed following migration to cloud hosted services, including Office 365.
Office 365 services, including Exchange Online and SharePoint Online, provide highly available service through redundancy of databases, replicated both locally within a Microsoft data center and between different data center locations. These mechanisms make it highly unlikely that data will ever be lost for any of these services.
Data backup is different from replication. For instance, in the event that a corrupt file is saved, that corrupt file will be faithfully replicated to all instances, replacing the previous valid copy of the file. To be fair, both SharePoint and Exchange Online services include provisions for retrieving an older version of the corrupt file in this example. This does not get around the fact, though, that data is not backed up by Microsoft.
Third party services are widely available for backup of Office 365 services. CTP does recommend a third party backup, both for the case of retrieving a file version that cannot be retrieved from the Office 365 system, and also for the good practice of maintaining a full copy of your company’s data in more than one location – Microsoft, and the data center of the third party service.
Two-Factor Authentication requires that an end user provide a password and a code from a physical device. The term Multi-Factor Authentication (MFA) has taken the place of two-factor authentication, simply because the technology deployed initially for two-factor authentication has evolved: implementations have become much broader than the initial two-factor systems, while retaining the requirement of authenticating with both something memorized and something obtained from a physical device.
Information stored as e-mail and file share data often makes up a significant share of the intellectual assets of a company. Said simply, loss of e-mail and file share data would be a very significant loss for many companies. In the traditional model of the past, that data was stored on a server located on-premises, backed up daily to removable media that was then stored off-site.
Moving all company resources to a hosted cloud service is compelling from the cost standpoint. In the case of Microsoft Exchange and SharePoint Online, company data is stored in a shared database – either SQL in the case of SharePoint, or a close relative for Exchange. These databases are replicated to other servers – it is likely that Microsoft is maintaining at least four database replicas across more than one physical location.
If data of many companies is stored in a common database, how is that data kept private and secure? Here the respective platforms, Exchange and SharePoint, rely on security structures that restrict access of data to authorized accounts, and these structures are faithfully extended to all aspects of the service – the company address book, as displayed in Outlook, for instance, shows only company employees. In addition, your company data can also be encrypted on either of these platforms.
Exchange and SharePoint Online are hosted services – Software as a Service – SaaS. Indeed, the model of providing software as a cloud hosted service is not new, and has been widely adopted by business.
And so the answer is that corporate data, hosted on Exchange or SharePoint, is stored in a common database, kept private by security structures of the software, and optionally encrypted at the file or message level via a key that is unique to your company.
CTP Cloud does offer Managed Services, which will support employees and their assigned equipment (PC, laptop, other), as well as server updates and administration. Your company can alternately choose to assign this role to an employee or other individual.
Yes. Server(s) of each company reside on a separate and secure network, in a Boston datacenter.
Backup & Recovery
Veeam backups copied to the Cloud Service Repository are in a form that can be easily and quickly mounted as a Virtual Machine. At this point the VM is the same server as had been running in your datacenter, at the point of the last backup. Depending upon the nature of the disaster, your company network can be connected directly to the CTP datacenter via VPN, or your employees can connect directly and securely to the datacenter from any Internet accessible location. All connections are secure and isolated to your company.
Most of our customers operate a Veeam B&R server in their local datacenter, licensed on a rental basis, and backing up all servers to local storage – most often a NAS device. Veeam Cloud Connect, hosted by CTP, appears as a repository to the local Veeam server, allowing for backup sets to be copied off site.
CTP can present as a remote repository in this scenario as well, offering the same Disaster Recovery resources.