Welcome to the WEI Tech Exchange Blog

4 Tips for Strengthening Hybrid Cloud Security

Written by Greg LaBrie | Feb 28, 2017 1:45:00 PM

The growth rate of the hybrid cloud seems to be living up to its hype. In fact, Forrester Research recently updated their growth prediction of the cloud market by 20 percent above their initial forecast three years ago. Their current estimate is an investment of $191 billion by 2020.  As another example of this growth, as of January 2015, Microsoft Azure was storing more than 10 trillion objects, an increase of 6 trillion objects since July 2012.

The hybrid cloud is the most popular deployment model today. Like the public cloud, the hybrid model brings elasticity and flexibility, but it also introduces complexity. This means your IT team needs to have a comprehensive hybrid cloud security strategy that extends beyond your on premise perimeter. Read on for four integral steps to ensuring that the data included in your hybrid implementation stays secure.

4 Hybrid Cloud Security Tips

  1. Be an Active Partner with Your Cloud Provider

Your organization is trusting a cloud provider with the company’s data and essential services, so you should be actively involved in the management of your assets. Don’t assume your provider delivers the proper degrees of compliance and security your enterprise requires. Make sure you do your due diligence when you research your provider, and don’t be timid about negotiating your Service Level Agreement (SLA). Transparency is an essential quality that should be required, like in any partnership. 

  1. Proper, Detailed Planning is Essential

Before you begin a hybrid cloud implementation, your IT team must conduct a comprehensive review of your data and resources in order to determine what facets of your enterprise will be hosted in the cloud and what will remain grounded within the confines of your datacenter. Your current data should be carefully assessed in order to determine its compliancy levels.

Many organizations will insist on retaining data that must meet strict compliancy standards and regulations on premise, while choosing to host less sensitive data in the cloud. If you are considering hosting compliant-driven data in the cloud, you need to confirm your provider can deliver full encryption for data both at rest and in transit. In some cases, your information may constitute resource isolation. Even though your data is being hosted in a multi-tenant environment, resource isolation ensures data does not reside on any drives utilized by other customers. 

  1. Determine Data Location and Redundancy

IT managers know the exact location of data within an on premise network, but that isn’t the case when data resides in the cloud. This is where the issue of data sovereignty comes into play. For example, Microsoft recently contested a three-year search and seizure case involving the U.S. government over email data that was hosted in an Azure datacenter in Dublin, Ireland that pertained to a criminal case in the U.S.  In the end, a District Circuit Court of Appeals ruled in favor of Microsoft. 

Knowing where you data resides is critical, as some types of data is required to reside within its country of origin due to government regulations. In most cases, cloud providers are required to retain one copy of data within your region. Because your enterprise is now segregated into one or more segments, redundancy is critical. You can accomplish this by:

  • Replicating redundant copies of data between the cloud provider and on premise datacenter
  • Ensuring the cloud provider is replicating redundant copies of data between multiple data centers within its own enterprise
  • Choosing multiple cloud providers to create redundant copies of data
  1. Take Measures to Protect Your Cloud Resources

Any reputable cloud provider ensures their physical infrastructure is secure so they can provide separation between tenants and instances. They can also provide their customers with the ability to comply with corporate security policies and industry regulations. However, a cloud provider isn’t responsible for providing security of your resources in the same fashion that you perform within your on premise data center. For instance, Amazon Web Services specifies that it is the responsibility of their customers to build security into their solutions. A cloud provider may offer you the ability to encrypt your data, but don’t provide encryption themselves. This is where it can help to have an IT partner like WEI on your side.

Want to keep your organization’s precious assets safe in the cloud? Contact the cloud experts at WEI today.