Security in the Hybrid Cloud

With 75% of C-Level executives believing that it should be the main area of focus for their company in 2015, 72% expecting to adopt hybrid cloud by 2018 and 65% saying that they would downsize all their data centres in favour of hybrid cloud-based solutions, it is obvious that the time for adoption is upon us.

However, the level of confusion, according to the Avenade survey (August 2015), suggests that many executives do not know the difference between hybrid cloud and simply using cloud services. 

Understanding Hybrid Cloud

Hybrid Cloud means that part of your business is on premise and part of it is in the cloud. Instead of buying and running your own large-scale hardware, or even using a public cloud, and setting up and maintaining a complex system, you buy a cloud service that runs against on-premise systems. You get the value on premise but you are not having to take on that burden of responsibility.

Hybrid Cloud Security

Ensuring security when moving to hybrid cloud needs to be a learning process. The question commonly asked is “how do I figure out security ensuring that the entire business is not put at risk?”

Do you move the most important data first? No, that does not make sense. However if you can move your devtest environment to the cloud, you can instantly get a return, because if your devtest is on premises it is occupying infrastructure and the majority of the time it is just sitting there and you are paying for it. When you move it to the cloud you can learn about hybrid network connectivity, as you connect the on-premises environment to the devtest resources in a secure way to keep them off the Internet.

You can take advantage of storage connectivity. Why do you want to buy a new SAN to store data that you are just backing up? Throw that up into the cloud. And while you consider how to secure that data, you can have that data encrypted as it moves to the cloud. That means low risk; even if that data leaks, it's not putting the whole business as risk.

Once you move those lower risk systems to the cloud, you are able to understand and learn hybrid cloud strategies. For new projects such as marketing campaigns and sales documents, you can move these off premise and into the cloud.

As application developers rather than network architects are now managing access controls, it is important understand the security and compliance implications and how to enforce these.

Implementing more complex Hybrid Infrastructures

After understanding this, you can start to implement more complex hybrid infrastructures – where, in the cloud, you can build the front-end of an application, but keep the data on premise. Understandably, the most complicated data to move is the more sensitive private data. This is because the ecosystem of a company is built around that data being in a particular place and accessed in a particular way, and it is expensive to move it. Hence, moving the peripheral data first is the easiest and more effective strategy.

To ensure this process through prioritisation is managed properly, you must perform data classification - understand the complexity of applications and the sensitivity of the data and classify which applications handle confidential information.