• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News, Physical Security

Is the Cloud More Secure Than On Prem?

Recent attacks against on-prem systems are showing us that the cloud is turning out to be a safer place to store data.

August 31, 2021 Zachary Comeau Leave a Comment

Cloud Security, manageengine SIEM Log360 Cloud
stock.adobe.com

Both the cloud and on-premises systems have their advantages and disadvantages, but recent attacks against on-premise systems coupled with the proliferation and advancement of cloud-based IT architecture are tilting the scales in favor of the cloud.

A company that owns its own on-premises servers has more control over security, but are responsible for all of the upgrades, maintenance and other upkeep – not to mention the large up-front costs associated with the hardware.

In the cloud, most of that upgrading and maintenance is done by the provider, and organizations can pay for those services on a fixed, monthly basis.

Although on-premises systems have historically been viewed as more secure, recent attacks say otherwise, says Aviad Hasnis, CTO of autonomous breach protection company Cynet.

“It’s a trend that has really stressed out the fact that companies – especially in the mid market – that utilize these kinds of on-premises infrastructure don’t usually have the capabilities or the manpower to make sure they are all up to date in terms of security updates,” he said.

That’s why we’ve seen so many successful attacks against on-premises systems of late including the ProxyLogon and ProxyShell exploits of Microsoft Exchange Server vulnerabilities and the massive Kaseya ransomware attack, Hasnis says.

Why are there more attacks against on-prem?

One of the main reasons there are more attacks against on-premises systems is the fact that most cloud vulnerabilities aren’t assigned a CVE number, which makes it hard for hackers to discover the flaw and successful exploit it.

Case in point was the recently disclosed Azure Cosmos DB vulnerability. Microsoft mitigated the vulnerability shortly after it was discovered, and no customer data appears to be impacted.

Meanwhile, known vulnerabilities in on-premises systems are exploited until the IT department can patch their systems. For example, the ProxyLogon and ProxyShell vulnerabilities in Microsoft exchange were assigned a CVE and patched shortly after they were disclosed, but organizations that were slow to patch or implement workarounds remained vulnerable as attackers seized on the newly discovered flaws.

In the case of the Kaseya attack, the damage was limited to only on-premises customers of Kaseya using the VSA product, but once the breach was disclosed and the company had to manually reach out to customers and urge them to take their servers down.

Attacking Kaseya’s SaaS customers likely would have raised additional red flags that could have stopped the attack in its tracks, Hasnis says.

“There are many different defenses for detecting this kind of threat behavior,” Hasnis says.

Is the cloud safer?

In general, the cloud can be a much safer place to be if your organization practices SaaS Security Posture Management (SSPM), which, according to Gartner, is the constant assessment of the security risk of your Saas applications, including reporting the configuration of native SaaS security settings and tweaking that configuration to reduce risk.

For example, someone using Microsoft 365 without two-factor authentication should trigger a warning, Hasnis says.

“The fact that someone uses cloud or SaaS infrastructure doesn’t necessarily mean it’s safe, but they have to make sure their organization aligns with the best security protocols,” Hasnis says.

Especially for smaller organizations that don’t have the in-house staff and expertise to update and patch on-premises systems after an attack, migrating to the cloud can help cut down on that response time and keep the company safe by enlisting the help of the provider and other internal IT experts.

“If your organization is spread around the globe in more than one location and you’re working on-prem, you don’t necessarily have access to all of the different infrastructure within the environment,” Hasnis says.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cloud, On premises

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.