Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Cloud Security Authors: John Katrick, Mamoon Yunus, Ravi Rajamiyer, Liz McMillan, Elizabeth White

Related Topics: Cloud Computing, Virtualization Magazine, SOA & WOA Magazine, CIO/CTO Update, Hybrid Cloud

Article

A Blueprint for Hybrid Cloud Deployment

Given the depth & breadth of today’s cloud offerings, enterprise CIOs should consider hybrid cloud strategy for IT environments

CIOs are expected to be heroes. They are responsible for innovating and transforming IT using new technologies that will drive business initiatives forward, but that is far from an easy task given the ongoing evolution of the IT world. This article will discuss the case for hybrid cloud in the enterprise, and suggest how CIOs can strategically develop a blueprint for hybrid cloud deployment.

A few years ago, CIOs were hesitant to move any data outside of their own data center due to lack of security and limited guarantees of availability. But as technology matured, education of CIOs improved drastically. Now, they are becoming increasingly aware of how next-gen solutions fit into their overarching goals, which allows them to leverage public and private/hybrid clouds in the most effective manner. In turn, CIOs are warming up to the idea of a hybrid cloud model, as they realize that acceptable cloud solutions are now available.

Before, cloud deployments rarely went hand-in-hand with security, as many IT teams associated "cloud" with attributes of the public cloud - cost-efficient and quick-to-deploy, but lacking security and compliance. With education has come a shift in thinking - CIOs are now willing to look at multiple cloud services as viable options, largely due to the demand from business partners and end users to increase overall performance and the speed at which projects are completed.

Although hybrid cloud now draws a large following, concerns still exist. Today, the challenge is meshing the traditional process with the next-generation solutions available on the market. CIOs want to utilize public clouds that are familiar to their traditional environments in terms of the security construct, processes and terminology. They want everything to feels more familiar because, in the end, they are putting their company and job at risk anytime they choose to move anything out of the organization's data center. Enterprises also already have a set of skills and tools in-house that cannot be abandoned, including the IT team and data centers.

Hybrid cloud now has the capabilities to address these concerns, while enabling enterprises to meet business demands and requirements. It provides an improved approach that blends in-house resources and public services. Deploying a hybrid cloud environment has an attractive list of benefits: flexibility, on-demand pricing and timeframes, enhanced resources, greater control, better SLAs, bolstered security, and improved performance. In a recent survey, Wakefield Research and SAP discovered that 75 percent of hybrid users noticed a drop-off in the level of complexity associated with their company's IT processes. The key to unlocking these benefits is all in the migration plan put forth.

In building a comprehensive hybrid cloud strategy, the following considerations must be taken into account:

1. Get educated - CIOs shouldn't rush into a cloud deployment without weighing the options and fully understanding how the cloud can best suit their needs. They should consider what they are comfortable outsourcing and what they would prefer to keep on-premise. Look for success stories in your vertical and scale. If CIOs correctly mix their traditional environment with new technologies offered by the hybrid cloud, the benefits will follow.

2. Do research - CIOs should evaluate multiple service providers and software companies. Many software companies struggle to provide comprehensive solutions that are effective, making it imperative to keep an open mind and consider the many options on the market.

3. Find the best of both worlds - CIOs should rely on an entity that is both a service provider and a software company. If they simply select a software company, there are limitations. By selecting a vendor that is both a service provider and a software company, CIOs are increasing the odds that the transition will be seamless. The vender is customer zero and the customers running on the platform should be voting with their POs on just how good the environment really is. They are in the best position to ensure consistency between the cloud solution and what they are able to deliver with the software offering.

4. Ensure security and compliance - Enterprises often require stringent security and compliance requirements to be extended into their cloud provider. While the public cloud initially gave the cloud a bad rep in terms of security, hybrid clouds are now being recognized for offering capabilities that meet and sometimes exceed these requirements. Encryption, data isolation, advanced GRC tools are integrated in many cloud offerings and help to address areas of concern. The tools are in place for enterprises to determine the parameters for their data - such as what countries/data centers that data can travel to. This provides an added level of comfort for CIOs, as the necessary safeguards are in place and they have more control over their cloud environments. Additionally, look for transparency in their operations, compliance support, a wide range of support options and the ability to demonstrate continual improvement.

5. Look beyond the basics - Enterprises expect encryption and data isolation to be packaged within hybrid cloud offerings, but they should seek out the "hidden" features that provide additional security. For example, capabilities provided by a technology like Intel TxT are able to further protect users from common mistakes associated with managing/running a cloud environment by adding the necessary intelligence. The actions are completed rapidly and in the hardware so the customer never has to see what's taking place.

Given the depth and breadth of today's cloud offerings, enterprise CIOs should consider a hybrid cloud strategy for their IT environments. It equates to a best-of-both-worlds approach for IT and business, and is not a zero sum game. CIOs can become the heroes they are expected to be by developing a comprehensive blueprint, and then simply taking a step back and allowing the business to progress with new technologies in place. From then on, with the tools in place to succeed, it is just a matter of saying "yes" to every ROI positive IT project that comes across their desks.

More Stories By Brian Gracely

A 20 year technology veteran, Brian Gracely is VP of product management at Virtustream. He holds a CCIE #3077 and an MBA from Wake Forest University.

Throughout his career Brian has led Cisco, NetApp, EMC and Virtustream into emerging markets and through technology transitions. An active participant in the virtualization and cloud computing communities, his industry viewpoints and writing can also be found on Twitter @bgracely, on his blog Clouds of Change and his podcast The Cloudcast (.net). He is a VMware vExpert and was named a "Top 100" Cloud Computing blogger by Cloud Computing Journal.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.