Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Hybrid clouds pose new security challenges

Christine Burns Rudalevige | Feb. 13, 2013
If 2013 is the year enterprises begin implementing their hybrid cloud strategies, as the experts are predicting, then it follows that this will also be the year when hybrid cloud security takes center stage.

The technology is implemented as an add-on tool for a Hadoop and Hive based cloud computing infrastructure and the team's experiments demonstrate that using it can lead to a major performance gain by exploiting hybrid cloud components without violating any pre-determined public cloud usage constraints.

Having to think about how hybrid cloud operations fit into a company's overall information security management scheme could help IT departments reset the appropriate level of security for the processes across the entire enterprise, argues Pat O'Day, CTO at Bluelock, a VMware based cloud service provider in Minneapolis.

"We now get to think about how to set the right level of security on a application-specific, a process-specific or even a data-specific basis," says O'Day, a condition that gives enterprises a lot of leeway in terms of where they want to spend resources on security.

Rand Wacker, vice president of products for CloudPassage, a cloud server security vendor, suggests customers take the strictest security scenario - most likely pertaining to hybrid cloud usage because there are direct links between the public cloud and on-premise resources -- and set the most stringent security policy for that level of risk.

ISACA's Spivey advises clients that whatever security policy they establish, they must be sure that it is portable. "Don't lock your policy to your cloud provider," Spivey says. There will be a time down the road where you will want to migrate away from them for either price or performance reasons and you don't want to have to rethink your whole security policy to make the switch, he says.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.