How to choose the right physical security solution: On-prem or cloud security
The European languages are members of the same family. Their separate existence is a myth. For science, music, sport, etc, Europe uses the same vocabulary. The languages only differ in their grammar, their pronunciation and their most common words.
When planning your security system, a key decision is whether to opt for an on-premise solution or a cloud hosted approach. Many security professionals ask, “Should the infrastructure for capturing and storing data be retained onsite or hosted in the cloud?”
Both options have their advantages and disadvantages. By evaluating these differences, you can make more informed choices about which solution is better for your organisation’s needs – whether they are operational, financial or compliance related.
Key differences: On-premise or cloud
An on-premise solution (on-prem) is housed within a physical location in either the same building or estate as the physical security system. On-prem servers capture and store data from security cameras, access control systems, sensors and alarms which all sit over the same internal network. Data that is produced from these technologies can be viewed and analysed by people via monitors in a monitoring centre.
In contrast, cloud security systems capture and store data from the same above technologies, but house them in a secure data centre. Data is sent over the internet to the data centre and teams can access this information via the internet on either fixed or mobile devices, whether onsite or remotely.
Infrastructure
On-prem solutions require physical infrastructure such as servers, digital video recorders, software to manage the infrastructure and a network to connect with physical security components. These systems generate energy demands for power and cooling, with capacity determined by the number of connected devices.
A cloud system does not require any onsite servers or infrastructure, as all storage and management is handled remotely by a third-party provider (such as AWS, Azure, GCP). Storage capacity is effectively unlimited, depending on the subscription level, and data is sent directly from the security source to the cloud via the internet, which is accessible from monitors or remote devices.
The main difference is where the infrastructure is located. If space is at a premium, a cloud-based solution may be more practical and cost effective.
Management and maintenance
On-prem solutions require regular maintenance, which incurs costs and demands time and resources. However, this approach gives the organisation more control over its system.
Cloud based systems offload management and maintenance responsibility to the hosting provider, with costs included in a subscription. This reduces the need for in-house technical expertise which can be especially beneficial with limited IT resources.
Connectivity
On-prem storage devices require a robust internal data network to connect devices, with performance metrics such as speed, capacity and traffic prioritisation being critical for transmitting high volumes of data without delay or loss of quality.
Cloud security systems transmit data from individual security devices via public or private internet connections. In environments where security is a critical factor, a private network overlay may be necessary.
It is important for security professionals to carefully compare network performance, degree of security and other internal networking requirements.
Storage capacity
Recorders and servers used in on-prem solutions have a finite storage capacity. The calculation for storage is based on numbers of security cameras, security components, together with data gathered. As security cameras operate large file sizes, on-prem storage systems can quickly reach their limit. To handle volumes that exceed capacity, security teams can either add storage devices or delete data that seems unnecessary.
Cloud security systems offer infinite storage, with capacity governed by subscription levels. Adding new feeds or exceeding limits will require an increased subscription. Security teams can reduce subscription costs by developing a tiered storage strategy, storing non-essential data in a lower cost archived cloud system.
On-prem security teams must either delete data or add new servers. Cloud based systems can scale storage without additional infrastructure. The key consideration when comparing cloud and on-prem systems, is ensuring you have reliable access to vital evidence in the event of an incident.
Reliability
Commercial security is a 24/7 operation, so it is essential that the chosen storage offers the highest level of uptime.
On-prem solutions rely on the integrity of their internal components to maximise uptime. That means selecting servers, recorders and network components that provide the highest level of reliability. Where necessary, the storage system should incorporate redundancy so that incoming data can be automatically transferred to tandem devices. At network level, the system should also incorporate automatic rerouting and failure, as well as traffic prioritisation to minimise delay or disruption to data flows. Proactive maintenance on both storage devices and networks can reduce the risk to unplanned downtime.
Cloud based security, such as cloud computing, depends on the reliability of external elements including the internet and the host system. The greatest risk is internet performance, which can be slow or subject to service disruption. Implementing a private internet solution minimises delays but can incur additional costs. It is essential to check the level of uptime with the provider.
When comparing the reliability of the two systems, it is important to consider responsibility of maintaining reliability. On-prem solutions offer greater control over uptime, but they rely on maintenance capability and responsiveness of in-house support teams. Cloud systems reliability is dependent on factors outside the control of the in-house team.
Disaster recovery
If a fire, flood, or other disaster occurs and damages the storage infrastructure, the impact on security can be severe. The storage solution must provide continuity.
If an on-prem infrastructure is damaged or inaccessible because of a disaster, the security team must set up an alternative system in a temporary location. This can be difficult, costly and time-consuming depending on the complexity of the systems and is not likely to provide immediate continuity of service.
Where data is stored in the cloud, a disaster on the business premises will not result in a loss of service or access to stored data, although damage to cameras will disrupt feeds. Staff can access cloud data from any location using internet connected mobile devices.
Control and compliance
Some businesses may be subject to regulatory compliance or may want to protect mission critical security data, which influences the on-prem and cloud decisions.
When security data is stored on-prem, security teams have complete control over the data and can apply necessary policies and processes to maximise protection.
Storing data in the cloud may not be permissible under these regulations or contractual requirements, so it is imperative to check the storage solution is compliant. A hybrid solution may be the right option, with compliant data stored on-prem and others sent to the cloud.
Security monitoring
On-prem solutions require trained staff to manage and analyse data via CCTV monitors which are stored typically in control rooms on site. If 24 hours monitoring is essential, this may require staff to work out of hours at a higher rate than standard hours.
With cloud, security teams can access security feeds and store data from any location using an internet connected device. This increases operational flexibility and means that organisations do not have to retain staff onsite and out of hours.
Cloud security improves mobility for security teams; they can attend incidents while receiving up to date camera feeds and other information that can help them resolve incidents more effectively. Organisations with multiple sites can centralise monitoring operations through a cloud system.
Scalability
On-prem storage can scale to meet additional demands, new installations or centralisation of multi-site security operations. However, scaling the system requires procurement, installation and configuration of additional storage devices as well as additional space requirements and increased management and maintenance support. Acquiring and installing new equipment can take time and cause disruption to existing security operations. It increases capital costs for security.
When storage is hosted in the cloud, the security can be scaled up or down on-demand, ensuring that the system can accommodate change in a short timescale with minimal or no disruption to day-to-day security operations.
There is usually no capital cost for scaling a cloud security system, although it may require an increase in the regular subscription.
Systems updates
To optimise security, it is essential to have the latest software installed. With an on-prem solution, the IT team is responsible for managing and installing updates, ensuring the system is always up to date. This can be time-consuming, especially for large networks.
In a cloud security solution, software updates are handled by the cloud team and are often included as part of the service covered by a regular subscription. With systems that leverage over the air updates, the newest features and upgrades are implemented automatically, which can help protect against emerging threats or newly discovered vulnerabilities.
Customisation
Cloud based systems offer fewer opportunities for customisation. Subscriptions are often based on standard packages, though clients can change their access packages.
On-prem solutions allow for extensive customisation from tiered access levels to specific security protocols. However, this requires internal expertise and effort to build and manage.
Integration
Integrating security systems with other systems, such as environmental control or building managements systems, can help streamline and automate processes throughout the property. For example, data from access control systems or cloud security camera systems can provide valuable information on room or building occupancy levels. Integrating that data with environmental control systems allows heating, lighting or ventilation to be adjusted automatically in line with occupancy.
On-prem solutions may be built using legacy technology that do not have the same level of compatibility with systems built to open standards, making integration more challenging.
Cloud based systems are increasingly designed and built to open standards which can simplify integration with other compatible applications and systems.
Costs
When calculating costs, it’s important to consider both the initial set up costs as well as maintenance and reoccurring costs.
On-prem solutions require initial capital investment to acquire equipment, together with the costs of media storage and software licenses. There are other initial costs to install, configure and validate the system. Ongoing costs include renewal of software licenses, installation of software updates and upgrades, scheduled maintenance, repair and replacement of faulty units. Expanding the system will incur the same set of initial and ongoing costs.
Most costs for cloud security systems are rolled into a regular subscription including software license fees, updates, systems management, and maintenance. Depending on the provider, there may be initial set up fees. Expanding the system usually only requires an increase in the regular subscription. However, there are also connectivity costs to consider, such as broadband charges and any costs associated with overlay networks.
Cloud storage offers opportunities for cost savings in other areas, such as reduction in onsite security staffing costs. Security camera systems with cloud storage can help businesses adopt remote monitoring outside of business hours centralising multi-site security monitoring. Additionally, integrating cloud-based systems with environmental or building management systems can help to reduce energy costs by aligning energy consumption with occupancy patterns.
Security considerations
With on-premise solutions, the security team has full control over data protection by directly managing the storage systems or data centres. To maintain data security standards, organisations must have robust security teams in place to establish rules, procedures, auditing and prevent unauthorised access. However, the infrastructure can be vulnerable to attacks, data theft or damage by intruders. Data breaches can also occur due to accidental loss or damage.
Cloud security controls eliminate the risk of theft or damage from onsite security systems. However, internal teams have no control over the cloud’s security measures and must rely on the provider’s security protocols.
In multi-tenant cloud systems, customers share databases, resources and security. While each customer’s data kept separate, there is a potential risk of data spillage or breaches.
It’s also important to consider the security of data in transit when accessing cloud solutions. Data is normally encrypted at the source before travelling to and from the cloud via the public internet, which reduces the risk of data theft. However, as the public internet can be susceptible to hacking, many companies implement private internet facilities to better protect sensitive data during transmission.
Which solution is the right solution for your organisation?
Consider these factors:
- Do you have the space and capacity to house and manage on-prem servers?
- Is your internet connection secure and reliable enough for cloud-based systems?
- Are there compliance or industry-specific security requirements?
- Do you have emergency and disaster plans for data?
- How scalable do you need your system to be?
- What budget and timeline constraints do you face?
Both on-prem and cloud-based security solutions offer distinct advantages, and the right choice depends on your unique needs and priorities of your organisation.
Make an Enquiry
Contact us to enquire about our servicesOr, call us on 0333 300 1900