What’s best for your organization, shared or dedicated servers? If your company is looking for website hosting, an email provider, or hosting for other online services, this question may not be high up on its list of priorities. The differences between shared and dedicated servers may not seem particularly important at first. However, this choice could have significant security and reliability ramifications.
Many providers will steer you toward shared servers, or only provide a “shared cloud,” even though these may not be in your company’s best interest.
It’s more efficient and cost-effective for them to lump a bunch of their customers onto the same server. This makes it easier to manage and reduces the provider’s overhead expenses. Your provider’s cost-savings and ease-of-administration probably aren’t your organization’s greatest concerns. Instead, you should be more worried about the additional risks and complications that shared servers can bring to your business.
While dedicated servers can be a more expensive option, the security and reliability benefits they provide make it worthwhile.
Security of Shared vs Dedicated Servers
Let’s say your website is hosted on a shared server, along with a bunch of other websites. For the sake of this example, let’s also presume that you are exceptionally diligent. All of your software and plugins are always updated as soon as possible, you have strong passwords, two-factor authentication, and suitable access control policies. You have regular security audits, and any issues that pop up are immediately rectified. Your site is essentially Fort Knox and meets compliance requirements.
But what about the sites that you share your server with?
You have no control over them, and can’t enforce the same security precautions that your organization does.
Well, that’s their problem, right?
It is, but it could very easily become your problem as well. There are a number of situations in which things could go badly for your organization as well.
Security Risks on Shared Servers
- One or more of the other websites may be highly vulnerable. Whether through neglecting their updates or other poor security practices, they may be easy to infiltrate. If hackers can compromise one site on the server, it can give them a window into the others. This means that sharing a server significantly increases your own risk of data breaches. Cybercriminals may even target your site deliberately by looking up others that share the same IP address.
- Malicious actors may set up their own sites on your shared server, with the sole intention of using this access to penetrate the other sites. This can also result in your organization’s website and database being breached.
- You may share the server with a high-value target, such as a political activist or journalist. If they raise the ire of others, they could fall victim to a DDoS attack. Not only could this prevent legitimate visitors from accessing their website, but it could use up the shared resources, and prevent others from visiting your site.
These examples around web hosting also apply to other services such as email hosting, video conferencing, payment processing, online chat, etc. It is always a better and more secure choice to isolate your services and data from others to the maximum degree possible.
While shared servers can be the more economical option, particularly for those with limited needs, you also need to weigh these savings against the potential threats that come from any of these attacks. Is the possibility of suffering an attack, as well as the costs, damage to your organization’s reputation and stress worth the slight reduction in price?
If you use a shared server, it takes control out of your organization’s hands.
Reliability of Shared vs Dedicated Servers
If your organization uses a shared service, it shares resources with other organizations provisioned on the same shared server(s). The disk space, disk throughput, memory, network capacity, and processing power are all split or shared between the various parties.
This isn’t necessarily a problem—unless one of the other customers starts consuming all of the resources. If you shares a server with one of these bad neighbors, the strain can cause your services to slow down, or even become unavailable. In practical terms, this could result in your website being down, your email inaccessible, an inability for your employees to send messages, of your video teleconferencing system malfunctioning.
If a bad neighbor sends out email spam, that activity can also get the whole shared server or shared IP space blacklisted. This can result in your company’s emails going straight to spam, even when it has done nothing wrong. The reliability of your email sending and the successful inbox delivery of your messages depend on others when using shared resources.
LuxSci’s Dedicated Server Options
You can avoid facing these security and reliability issues through segmentation and isolation. LuxSci provides a range of options to suit a variety of different needs. These include giving clients:
- Their own dedicated server(s) that are firewalled off from other customers.
- Their own network segment with dedicated physical or network firewalls. These can be customized according to an organization’s needs.
- Their own dedicated physical hardware, which means that even virtualization hypervisors aren’t shared between customers.
These options give our clients the flexibility they need to meet their organization’s unique requirements. Pursuing one of the above options will mean that your organization won’t have to worry about the threats or reliability problems that sharing a server can bring. LuxSci is HITRUST CSF certified and specializes in building custom, highly secure web environments designed to meet our customers’ needs.