Since the news media is on fire the past few days because of the SolarWinds malware that has made its way into multiple government agencies and even Microsoft. Many techs are now thinking about the security of self-hosted platforms and would it just be better to move the websites to the cloud.
According to news sources, the attack may be Russian in nature. It could just be some Ukrainian or Slavic guys who got bored bouncing through the Russian IPs.
Regardless this attack was very well organized, and they could access a lot even the nuclear secrets data. As well as a lot of government agencies.
This likely has a lot of community college techs wondering if they may be a target too. Solarwinds does push sales into the colleges, and the company does have some handy network monitoring tools. That is likely the reason they were able to access so much by exploiting the Solarwinds vulnerability.
So now that this is exposed, how can networks protect themselves. Have good firewalls, both hardware and software defenses on your network. It is the number one thing you need, but moving your website offsite into the cloud would add another layer to your defenses.
You may be asking how can moving a website to another external host help with security of my website? There is so much more there that I don’t control.
If your website is hosted internally on the same network as your domain or student information system, then all an attacker needs to do is to do a DNS query and, with just a little scanning, figure out every public-facing host on your network that they may look for weaknesses in the config or OS.
But if your website were hosted on somename.aws.amazon.com or Azure, then that query would not produce your network range. This is really the only reason you need to make a case for moving the site to an external network. This would not stop the Russian KGB from figuring you out, but I doubt they care too much about your individual students, but some spammer in Ukraine might, and they may not be as knowledgable when you get out of the script kiddie tools.
The other advantage of moving a website to the cloud include Stability, infinite scalability. No matter how many students the admissions folks bring into the website, it will grow as needed. And setting up the correct scaling descaling can really save college’s money in the long run instead of maintaining their own virtual instance. You don’t have to worry about hardware or OS issues; you worry about your code.
While it may require some refactoring and you may need to set up a point to point VPN between your AWS network and the college network for some data transfer, the benefits will be worth the effort.