Cloud database security: Key vendor controls, best practices data warehouse as a service (DWaaS)

Should you run your database on premises or in the cloud?

Use of cloud databases is surging, but there are still reasons for on-premises ones. Here's a comparison of cloud and local database architectures to help you choose.

Cloud platforms have become a standard IT infrastructure choice for many organizations, and deployments of cloud databases are growing rapidly as a result. But one of the top questions many IT shops continue to face is whether they should choose an on-premises, IaaS or database as a service (DBaaS) platform for their database-driven applications.

Each architecture offers benefits to your organization and has potential drawbacks that include cost, control and configuration considerations. Choosing whether to deploy an on-premises database or a cloud database can be a difficult decision. Here's an overview of your options.

On-premises databases

Most IT and data management teams have ample experience with on-premises systems. Organizations have built data centers and server rooms that provide all the environmental safeguards, including temperature and humidity control; fire suppression; security; and redundant connectivity and power to ensure computing systems are safe, secure and highly available.

One thing that comes to mind in the cloud database vs. local database debate, as it's also framed, is the cost of hardware and software. With an on-premises database, organizations are required to buy, install and maintain all the hardware components. In addition, organizations must purchase the operating system, database software and a wide range of support-related software tools to secure, administer and monitor databases and the applications that run on top of them.

Infrastructure as a service

An IaaS database environment is a cloud architecture that is similar to running an on-premises database. With IaaS, the vendor provides the compute and storage infrastructure and may offer some level of system maintenance activities. Customers have direct access to the platform, which includes both compute and storage components. Think of it as a server in the cloud.

Organizations using IaaS don't have to build the server support environment to protect their systems. The cloud vendor provides all the environmental, security and redundancy features needed to prevent or reduce the effect of data breaches, unplanned downtime and other unfortunate events.

IaaS customers maintain ownership of the deployment and management of their software stack, including the OS and database. They install their chosen database management system software on the IaaS platform and then are responsible for administering the software.

Database as a service

DBaaS vendors provide all the environmental infrastructure benefits their IaaS counterparts do, but they increase their level of control and responsibility by assuming ownership of the OS and database software, in addition to the supporting infrastructure.

The vendors, which include the major cloud platform providers and other database makers that run their software on those platforms, also provide tools to help customers monitor their DBaaS environment. Although database administrators (DBAs) can configure the system to meet application workload requirements, and are responsible for coordinating with the DBaaS vendor on tasks such as patching and database backups, they perform little to no back-end software administration.

Comparing on premises, IaaS and DBaaS

The on-premises, IaaS and DBaaS approaches all have strengths and weaknesses that are inherent to their architectures. It's also important to note that there can be a lot of variations in IaaS and DBaaS vendor offerings. Nonetheless, the chart below provides a good foundation for comparing the three alternatives.

Comparison of on-premises, IaaS and DBaaS database architectures
A detailed look at the key differences between on-premises and cloud database architectures.

No database is an island

A key evaluation point when choosing between an on-premises database and a cloud database is to identify the amount of data you will be transferring back and forth to that architecture. Most operational databases take feeds from various sources, interact with other databases and systems as part of business processes, and produce data output that's sent to other applications. Getting information into and out of a cloud system can be challenging, especially if there are large data volumes, multiple database platforms and tight time constraints.

As a result, many IT shops have found that the cloud requires an all-in strategy. When the application software and the data it accesses are split between cloud and on-premises platforms in a hybrid cloud database environment, data access lag times can negatively affect performance. This is a significant problem for applications that require extremely fast response times, although there may be other reasons to go with a hybrid cloud approach -- for example, to meet data governance requirements by keeping certain data on premises.

On-premises database benefits

On-premises architectures are best for organizations that prefer total ownership and control of the security, availability, recoverability and performance of their database systems.

In addition, organizations running on-premises systems can use a wide range of database administration, performance monitoring and support-related tools to improve efficiencies and streamline operations. On the other hand, users often find it challenging to integrate third-party administration tools with a DBaaS platform because of modifications the vendors make to their systems.

Organizations that need to comply with internal data standards and industry-specific or government regulations may prefer -- or require -- an on-premises database setup because of the ease of visibility into those systems. On-premises platforms enable DBAs, compliance managers and other involved personnel to more easily provide supporting evidence of compliance to auditors.

IaaS benefits

Similarly, IaaS enables customers to maintain tight administrative control over their database environment. In addition, organizations can more easily use their favorite internal third-party products on IaaS systems. IaaS architectures also provide organizations with a higher level of visibility into their systems than DBaaS platforms.

DBaaS benefits

DBaaS offerings enable customers to more easily configure complex database architectures that include advanced high availability and disaster recovery features. Because cloud vendors assume responsibility for the entire DBaaS system, organizations also benefit from reduced support costs. Also, competition in the DBaaS market is fierce. As a result, DBaaS users can take advantage of a constant stream of new features and functionality from vendors of traditional SQL databases, NoSQL software systems and other types of databases to fit their application needs.

On-premises database vs. cloud database costs

The costs required to support database systems in an on-premises data center will be dramatically higher than renting either an IaaS or a DBaaS environment from a cloud vendor. But the cost comparison between cloud and local on-premises databases isn't as simple for organizations that already have huge investments in their existing data centers.

One of the initial selling points for the cloud was cost reduction. However, as organizations gained experience with cloud systems, they soon discovered that using the cloud didn't always produce cost savings when compared to on-premises platforms. There are numerous cases where pay-as-you-go cloud usage fees have eclipsed on-premises costs over an application's lifecycle.

That means evaluating initial and ongoing costs for IaaS and DBaaS systems is critical. You don't purchase cloud environments -- you rent them, and the rental fees are usually based on resource utilization, which can vary dramatically over time and as business needs change. Be sure to do your due diligence so your organization isn't surprised -- or shocked -- at the charges it incurs on cloud database systems.

Next Steps

On-premises vs. cloud data warehouses: Pros and cons

Cloud database security: Key vendor controls, best practices

How to plan and manage a multi-cloud database environment

Dig Deeper on Database management

SearchBusinessAnalytics
SearchAWS
SearchContentManagement
SearchOracle
SearchSAP
Close