Cloud Security

ROK has employed a security team of experts from all different organizations - Federal Government, Financial Institutions, and Healthcare to name a few. With this experience ROK is able to provide valuable insight from a broad background of security philosophies to best fit our client’s needs, whatever that may be.

What is Cloud Security?

Cloud security is not a one-size-fits all solution - each environment has different requirements, workflows, and processes that require customized security solutions to best accommodate security needs in a cost effective manner.

Core Cloud Security Challenges:


Making a server and its data available to the public can be done with a few clicks, and can easily be done by accident with insufficient access control rules to prevent misuse.


Cloud services by nature are far more accessible than traditional servers, this presents a number of challenges. This is a delicate balance between services benefiting from the availability and accessibility of the cloud, while maintaining a secure infrastructure.

ROK Cloud security… It’s what we do…

Our cloud architects and security experts evaluate each client environment individually to provide a best fit security solution for the client’s requirements. By default ROK will architect a client’s environment based on NIST best practices.
Dedicated environment

This allows ROK to run each client environment in a silo giving your organization the control you need.

Three tier architecture

We reduce public exposure with a Web-Tier, Application-Tier, and Data-Tier approach, each configured with its own firewall. We implement multiple layers of protection between your authoritative data and the internet.

Modular architecture

Modularity helps maintain agility and scalability as our clients' needs evolve. The connections between production, QA and dev environments, brokered by the management section, allow for a cost effective VDI solution without additional risk.

Remote Asset Management

We monitor system health, security, systems patches, Esri patches, application updates, and antivirus from a centralized location. This level of proactivity allows us to take care of potential issues before they hinder performance or uptime.

Custom Backups & Restoration

ROK takes geo-redundant system backups multiple times a day to ensure minimal downtime and lost work in the event of a disaster. ROK tests disaster recovery processes annually.

Related Articles

Case Study
Anne Arundel County Government Harnesses the Power of Managed Cloud Services to Modernize their GIS

Anne Arundel County’s Commitment to Accelerate Digital Transformation This transformation commitment creates a more effective and efficient county government for employees, citizens, and communities. To effectively support every citizen of Anne Arundel County with the standardization, coordination, and dissemination of geographic information requires a GIS infrastructure that facilitates collaboration – and is both scalable and reliable.  Power […]

Kubernetes and ArcGIS: Staying Ahead of Evolving Tech

The cloud-native deployment option for ArcGIS Enterprise, Kubernetes, is quite popular these days, but what is Kubernetes? K8s is entering the mainstream because of its scalability, resilience, and maintainability. While the deployment of ArcGIS Enterprise on Kubernetes is an exciting new frontier for IT architects, it’s still important for GIS end-users to understand what is […]

Dispelling The 7 Myths Plaguing VDI Technology

VDI has been and will continue to be a buzzword in the technology landscape, but what exactly is VDI? If you’ve heard of it, does it make you think of The Wizard of OZ – something magical, mysterious and hidden behind the curtain? Does it make you think of a keyfob code that never seemed […]


“ROK made a complex transition very easy and is always very responsive with any requests or issues. Bringing on ROK to manage and administer our GIS environment has allowed us to move other initiatives forward and provide better service to our clients and staff.”  
Greg Newton • GISP
Gewalt Hamilton Associates, Inc.
We have a requirement to maintain a specific security certification, is ROK able to accommodate? (FedRAMP, PCI, HIPPA, etc.)

ROK approaches this problem in a way that respects our client’s budget. Oftentimes these security certifications require costly annual audits, documentation, etc. To help our clients avoid paying for this process twice (once for their environment that exists already, and one for the ROK environment), ROK provides services where we are able to be on-boarded as contractors within your existing certified environment and are able to provide the same level of service you would expect with a ROK owned environment, except you only have to deal with a single auditing process.

How do you routinely resolve conflicts where multiple sources exist for a data element, ie town GIS public system vs. our engineers?

This is an interesting problem, essentially the approach to take in this situation is to choose which data is the authority and leverage that data source over the other - in this situation if I knew good data was getting replaced with bad data by users, the first approach I would take is user access control - do users need to change this data to do their job? If not, they don't need access to change it. If they do need to change it, but mistakes get made, in that case I would create a workflow that compares the two data sources, and if the secondary source is different than the authoritative source, it overwrites the alternative source.

I have a data source I’d prefer to keep on-premise. Is this okay not to move to the cloud?

It is your data to do with as you need, but be able to answer the question “why?” Why would you want to maintain a workload on-premise when you can move it into the cloud? There, keeping the lights on is managed for you instead of having to maintain it yourself separately.

Is the cloud secure?

The cloud is generally more secure than most private data centers since Amazon and Microsoft can hire talented engineers and automate many of their practices. Cloud infrastructure providers also offer tools and architectural options to isolate workloads, encrypt data and detect potential threats.

What is the most common security threat?

The process to secure a cloud environment is different from more traditional data center practices, so cloud adoption requires a learning curve for IT teams. Unauthorized access to resources is the most common cloud security threat; many high-profile exposures of sensitive data resulted from misconfigurations.

Ready to Get Started?