Best Practices for Securing  Hybrid Cloud

Hybrid cloud model is the flavour of the season and many companies are planning to go forward with it. Hybrid cloud model addresses the data security, governance and compliance issues thereby making the idea of a co-located hybrid cloud gaining traction. In this model, data is stored in the private cloud, which is co-located with a public cloud and connected by local LAN.

The Hybrid cloud can provide access to data with speed and flexibility that allows data move freely between different resources, while maintaining control over data sovereignty. Organizations get the best of both worlds through this hybrid approach. Given these benefits, we will see more organizations move their data to hybrid cloud environments, which will help them retain control of their data, while exploiting the economic and management benefits of the public cloud.

The co-located hybrid cloud approach means that all data is stored inside the private cloud, and it has the advantage of being behind firewalls at all times, even during transmission.

Data Storage Security

Philips Ranjit, Director, Cloud Business, India/SAARC, NetApp India strongly believes that enterprises today need data storage security solutions to help prevent unauthorized modification or disclosure of data stored across their hybrid clouds or data centres, and to support their key data security and compliance initiatives.

The introduction of hybrid cloud architectures in IT today makes data governance more complex because data is distributed, and not under direct control. NetApp strives to create an enterprise data management solution, with their Data ONTAP operating system at its core, which will span the customers’ data storage landscape, irrespective of data type or location. Data ONTAP, as a universal data platform across cloud environments: A Data Fabric that spans on-premise dedicated and shared environments and public cloud infrastructure to deliver a unified and universal data services and management model.

Security Concerns with Hybrid Cloud and How to Tackle Them

According to Ajay Khubchandani, Senior IT Security Expert, ESS Distribution Pvt Ltd (official distributor of ESET products in India), “Hybrid cloud, as any cloud computing, raises all the same security concerns as any other IT infrastructure, internal or external, will rise. The security tools that are used to protect public and private clouds include traditional perimeter-based controls like firewalls, access controls, log management, etc. The difference is that hybrid cloud is a much more complex system and whoever is implementing and maintaining it has to have enough knowledge to optimize and manage it in the most secure way.”

CIOs have to be definitely ahead of the curve while business owners have to consider not only investments in cloud solutions, but the supporting infrastructure. This is rather a management risk.

When we talk about security itself, the big question is how to apply company’s existing security protocols (authentication, authorization, account management and audit logging) to both private and public cloud. Whether the company decides to replicate controls in both clouds or deploy identity management service which will cater similarly to systems running in both clouds, this requires attention at the very initial stage of implementation phase, he further added.

There are security risks attributed to the hybrid clouds particularly. Such risks are first of all related to data movements. When thinking of using a hybrid cloud you have to ensure that the data moving between two clouds is protected. Especially if it is personal or financial data, for example, if you work with credit card payments. You need to be sure that this data is not transferred from a database on a private cloud to a less secure storage system in a public cloud because despite your efforts to secure the data from any breach internally will not often translate to a public cloud.

How to Enhance Cloud Security

Securing your hybrid cloud is essential for any business. Arup Das, Vice President and Lending Product Head, Nucleus Software, provides inputs on best practices to enhance hybrid cloud security.

• To tackle authentication and authorization challenges, explore IAM (Identity Access Management) where a single sign-on can be a viable solution.
• Limit the number of users who can access the data. Data should even be classified as confidential, public and private, and access should be granted accordingly.
• One must have a robust Security Incident and Event Monitoring (SIEM) system that can record successful and failed login attempts into key systems, configuration changes and system activities. A SIEM system can record relation between various security systems and help simulate events that lead to a security breach.

To Conclude…

Changes in enterprise governance models make hybrid cloud easier and security is no longer an afterthought. It’s something which the vendors build into their risk models that takes account of what the security implications are, and how you deal with them. Most storage vendors are still figuring out exactly what the requirements should be for securely partitioned, shared storage. Whether you’re deploying large-scale virtualization, private cloud, or public cloud, security can be a challenge. The best practices drive greater business agility, improve data access and promote a more productive, mobilized workforce.