Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How secure is the hybrid cloud?

Mary Branscombe | Aug. 27, 2015
The term hybrid cloud is used loosely, which is probably why so many companies say they're planning to adopt it. If you’re planning a hybrid cloud strategy, the security questions you need to think about may not be the ones you’d expect.

Although some VCE customers are looking for a private cloud for data security and privacy, hybrid cloud is what most of them are investing in says VCE’s EMEA (Europe, the Middle East and Africa) CTO Nigle Moulton. “The hybrid model, where you take classifications of data and keep some of them internal to your company, but some you are more relaxed about and are happy for them to sit in more public infrastructures, is the majority of what we see people investing in.”

Increasingly, on-premises systems are designed for hybrid cloud. SQL Server 2016 builds cloud bursting right into the server, and an increasing number of orchestration services make it simple to migrate virtual machines into the cloud when you need more capacity.

If you use Microsoft’s StorSimple storage appliance, you get an “infinite” storage area network. It looks like a SAN to your on-premises infrastructure, but as well as deduplicating, compressing and tiering your working set of data, it automatically backs up snapshots and tiers cold data to your choice of clouds (Azure, Azure Government, Amazon S3 or OpenStack clouds). The data is encrypted, and you can connect it using ExpressRoute, but you’re still moving data to the cloud without human intervention.

That automation and the seamless, low-friction connection makes it easy to move data and workloads to and from the cloud without anyone making a specific decision every time. And that means you need to have your security policy clearly set out in advance, and applied automatically, or you may find you’re moving something to the cloud that you don’t want to have there.

Security through expertise

“There needs to be a learning process, and obviously the things you want to learn with are the lowest risk things, which give you a great return on investment as you learn,” Russinovich suggests. “You want to learn about how much does it cost me, what are the best practices, how do I figure out security without putting the whole business at risk.” And while you’re learning, he points out, you can also be saving money, and getting real experience with cloud costs.

“Do I move the crown jewels first? That doesn’t make any sense. But I can move my devtest environment to the cloud and immediately I get a return, because if my devtest is on premises it’s occupying infrastructure and more than half the time it’s just sitting there and I’m paying for it. When I move it to the cloud I can learn about hybrid network connectivity, as I connect the on-premises environment to the devtest resources in a secure way to keep them off the Internet, because I don’t want even that exposed. I can also learn how to modernize my applications as I move them. My devtest on premises is a statically configured environment; when I move it to the cloud I can have it scale up – or scale in. I can have it completely shut off at 5 p.m. when the developers go home.”

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.