CLOUD vs. ON-PREMISE SECURITY SOLUTIONS

On-premises solutions require an on premises infrastructure in the building: servers or digital video recorders, software to manage the infrastructure and a network to connect the infrastructure with the security or access control system components.

On-premise environments will also generate energy requirements to power the storage devices and any associated cooling systems. The size and number of on-premises servers or recorders is determined by the number of feeds from individual security components. The more cameras, readers and alarms in a building, the more servers will be required.

A cloud security system requires no physical servers or infrastructure on the premises. The storage and management systems are housed in the cloud environment, usually managed by a third party.

Storage for cloud security systems does not require an internal network; data is transmitted directly from the security source to the cloud via the Internet. Data can be reviewed on an on-premise monitor or via remote connection on mobile devices.

If the infrastructure is retained on-premise, the business is responsible for management and maintenance. This will generally be the responsibility of the IT team, so it is essential that team members have the skills to manage both the infrastructure and the internal networks. On-premise solutions require regular maintenance to ensure reliable operation, which can be time-consuming for the IT team. However, this also gives the business full control and oversight of their security systems at all times.

Contact APSS to discuss a possible Service Level Agreement for an On-Premise Security Solution to help with maintenance.

When the system is cloud-based, the hosting company takes responsibility for management and maintenance and the cost is included in the regular subscription. The cloud infrastructure is managed and maintained by specialist staff with the necessary skills.

To connect on-premise storage devices to individual security and access control components requires the installation and maintenance of a secure internal data network. The network must have the speed, capacity and traffic prioritization capability to transmit high volumes of data like high-resolution video images for different video surveillance infrastructure, such as commercial surveillance systems or parking lot camera systems, without delay or loss of image quality.

Cloud security systems transmit data from individual security devices via public or private Internet connections. Where security is a critical factor, a private network overlay may be necessary. While the Internet has the capacity to transmit the large file sizes generated by security cameras, transmission speeds and image quality are determined by the type of Internet connection and variable traffic conditions on the public network.

Recorders and servers used in on-premise solutions have a finite storage capacity. The calculation for initial storage capacity is based on the number of cameras and other connected security components, together with the volume of data generated. As security cameras generate large file sizes, on-premise storage systems may quickly reach their limit. Adding new devices or security cameras for schools or universities, large corporate campuses, and other buildings that require increased store demands.

To handle volumes that exceed capacity, security teams can either add new storage devices or delete data that seems unnecessary, which is why businesses with on-prem solutions often have rigorous data management practices in place. 

Cloud security systems have infinite storage capacity, although individual storage limits are determined initially by the type of subscription. Adding new feeds or exceeding limits will require an increased subscription. Security teams can reduce subscription costs by developing a tiered storage strategy, storing non-essential data in a lower-cost archive cloud system.

On-premise solutions depend on the reliability of internal components to maximize uptime. That means selecting servers, recorders and network components that provide the highest levels of reliability. Storage devices and storage media must be designed for continuous, reliable operation with minimal maintenance.

Cloud-based security, like cloud computing, depends on the reliability of external elements, including the Internet and the host system. The greatest area of risk is Internet performance, which can be slow or subject to service disruption. Implementing a private Internet solution reduces the risk of delay of disruption, but incurs additional costs. A cloud provider will always aim at the highest levels of reliability, but it’s essential to check the level of uptime offered in service contracts.

If an on-premise infrastructure is damaged or inaccessible because of a disaster, the security team must set up an alternative system in a temporary location. This can be difficult and time-consuming depending on the complexity of the system and is unlikely to provide immediate continuity of service. 

Where data is stored in the cloud, a disaster on the business premises will not result in a loss of service or access to stored data, although any damage to key cameras such as security cameras in schools or other security devices would disrupt current feeds. The cloud infrastructure is not affected by local issues and security staff can access cloud data on internet-connected mobile devices from any location to continue monitoring security.

When security data is stored on-premise, security teams have complete control over the data and can apply necessary policies and processes to maximize protection. This may be necessary to protect different types of sensitive information subject to industry regulations or client contractual requirements.

Storing data in the cloud may not be permissible under those regulations or contractual requirements, so it is essential to check that the storage solution is compliant.

On-premise storage systems can scale to meet additional capacity demands, new installations or centralization of multi-site security operations. However, scaling the system requires procurement, installation and configuration of additional storage devices, as well as additional space requirements and increased management and maintenance support. 

When storage is hosted in the cloud, the system can be scaled up or down on demand, ensuring that the system can accommodate changes in a very short timescale with minimal or no disruption to day-to-day security operations. There is usually no capital cost for scaling a cloud system, although it may require an increase in the regular subscription.

With an on-premise solution, the IT team is responsible for managing and installing updates and ensuring that the system is always up to date. Updates to on-premise systems may take additional time to install, especially across a large network.

In a cloud security solution, software updates are handled by the cloud team and are often included as part of the service covered by the regular subscription. With systems that leverage over-the-air (OTA) updates, the newest features and upgrades are implemented automatically, which can help protect against emerging threats or newly discovered vulnerabilities.

On-premise solutions can be customized in many different ways, for example by incorporating tiered access levels or setting other rules and processes to minimize risk. Thick client applications installed on on-prem managed workstations can run independently without an Internet connection, and offer the most opportunity for customization. However, the workload to build out and manage these applications will fall on internal teams.

Cloud-based systems offer fewer opportunities for customization. Subscriptions are often based on standard packages, although clients can set their own access requirements and internal rules for devices.

On-premise solutions may be built using legacy technologies that do not have the same level of compatibility with systems built to open standards, making integration more difficult.

Cloud-based systems are increasingly designed and built to open standards which can simplify integration with other compatible applications and systems.