How Can We Secure Mixed-Cloud Environments?

How Can We Secure Mixed-Cloud Environments?

There is no doubt as to the benefits that cloud computing brings to businesses around the world. But there is also no question that security is one of the most immediate concerns when moving from local, in-house IT solutions to cloud-based solutions. Businesses tend to mix and match different cloud solutions from multiple vendors in order to satisfy business needs. This leads to a not-so-healthy mix of cloud solutions, platforms and data variations. Securing cloud environments is already complicated and challenging enough, and mixing different solutions only serves to worsen the situation to the point that it can get out of hand. However, this approach will continue to become more common because of the ever-changing business environment, and because cloud service providers are constantly evolving their solutions in order to cope with skyrocketing competition. This leads to a juggling and cannibalism of clients among competitors.

So, the big question is what will constitute an effective strategy to secure all these mixed-cloud environments when an organization decides to build a private cloud to enhance existing IT services, employ third-party vendors for other cloud solution needs, or even invest in an SaaS or PaaS in order to cut down on software solution costs. We examine some ways to secure mixed-cloud environments.

  • Focus on the data. First and foremost, it is very important to be data-centric when thinking about security in the cloud. You must always be aware of where your data is, and of who handles it. A mixed-cloud environment will make this complicated, but companies are coping with this with the help of something called, “rules as a service”. There is also an extra challenge when data from different environments is being combined for the purpose of analytics. The resulting new form of data may trigger a series of regulatory controls and restrictions along with potential privacy concerns. So, being data-centric in security would mean that it is critical to focus on data and service classification to determine which data to deploy on the cloud. Organizations should have sound technical policy control definitions based on data classification and user authorization.
  • Look at the broader ecosystem. Companies must see the bigger picture and consider the complete mix of their mobile, social and cloud environments. Most companies implement their cloud solutions over time, which results in fragmentation – this simply will not do. It is imperative that security controls work and reflect all of the environments that the company might have. So, look to the long term and consider all the cloud environments you need before even implementing one, no matter how far off the implementation of others might be.
  • Create a road map of which security requirements need to be in place, based on the environment that you will be implementing. This road map is necessary and must be used as a checklist or questionnaire for new systems when you consider the service providers, tools, and infrastructure you plan to implement.
  • Learn from those who have gone before you. You are not the only one who has come across the problem and most probably not the first. There will always be others who have encountered and solved this problem already; so, learn from their mistakes and adapt their solutions. The service providers you will be considering will probably have experience in this aspect – work with them in planning your security requirements.

By Abdul Salam

About Abdul

Abdul is a senior consultant with Energy Services, and author of numerous blogs, books, white papers, and tutorials on cloud computing and accomplished technical writer with CloudTweaks. He earned his bachelor’s degree in Information Technology, followed by an MBA-IT degree and certifications by Cisco and Juniper Networks.

He has recently co-authored: Deploying and Managing a Cloud Infrastructure: Real-World Skills for the CompTIA Cloud+ Certification (Wiley).

View All Articles

Sorry, comments are closed for this post.

The Evolution Of The Connected Cloud

The Evolution Of The Connected Cloud

The Connected Cloud Cloud computing is interesting first, but not only, because of the prevalence of cloud projects. There are many of them launched every day. Some have lofty expectations for business benefits (cost saving of 20 percent or more) and others carry even more intriguing goals. In 2005 “the cloud” was new. Shared computing…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Does Slack Live Up To The Hype?

Does Slack Live Up To The Hype?

Does Slack Live Up to the Hype? Slack’s the definition of a business success story. In just a couple years, it’s evolved from a gaming company’s internal communication tool to a globally used platform that was last valued at $2.8 billion. The popular collaboration tool, dubbed “social media for business,” first made an appearance on…

IoT Rapid Expansion Throughout The World

IoT Rapid Expansion Throughout The World

IoT Rapid Expansion Cyber Physical Systems (CPS) are a nomenclature used to define the world beyond IoT devices. CPS includes the robotic and automation systems that interact with the IoT devices. Based on that changing landscape I have come to realize that CPS and by default IoT devices actually have three distinct concerns. The three…

Big Data – Productivity, Innovation And Competitiveness

Big Data – Productivity, Innovation And Competitiveness

Big Data – Productivity, Innovation And Competitiveness Big Data Analytics Big data refers to datasets that are so large, diverse, and fast-changing which need advanced and unique storage, management, analysis, and visualization technologies.  According to McKinsey, Big Data is “the next frontier for innovation, competition and productivity”.  The right use of Big Data can increase productivity,…

Are You Sure You Are Ready For The Cloud? SDI

Are You Sure You Are Ready For The Cloud? SDI

Software Defined Infrastructure Well, we have come full circle with this string of subjects; about making sure you are ready for the cloud. We have talked security, storage, access, connectivity and feasibility to name a few. Now, lets discuss SDI. What is SDI? It simply stands for “Software Defined Infrastructure”. Many people have their own…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor