6 Tips for Increasing the Portability of Your Hybrid Cloud Security Strategy

Servers, Storage and Networking | Posted on July 11, 2016 by Softchoice Advisor

Security should be a high priority in any scenario, and strategies for hybrid cloud environments must take into account the potential for frequent movement of data between public clouds as well as between public and private clouds. Here are six factors to consider to ensure that your security strategy is portable across all services and service providers.

Editor's note: this post was republished with permission. This article was authored by Scott Montgomery, VP & Chief Technical Strategist, Intel Security. View the original here.

The prices and services that cloud infrastructure providers offer change so often that you may be doing yourself a disservice by tying your hybrid cloud to one particular vendor. We’re even starting to see services emerge that shift workloads transparently between cloud providers to give customers the best deal.

1. Sweat the SLAs
Specify to any prospective cloud provider what levels of security you need for the assets you’re moving into a public cloud and any restrictions you require regarding how data is stored, backed up, and encrypted. Among the factors to include in a service level agreement (SLA) are data privacy, data flow, data storage, the physical location of data, and the type of encryption used. Cloud providers generally have their own tools and standards in each of these areas, so focus on the desired outcomes rather than technologies.

In regulated industries, specify which compliance standards must be observed and what reporting is required. Be sure your cloud provider is aware of compliance deadlines. For example, some regulations require records to be made available with as little as 24 hours’ notice.

The more provable or measurable your SLA is, the less chance you will have to re-craft it when moving to a cloud provider with different procedures or tools.

2. Practice good data governance
Prior to engaging a cloud provider, classify your data according to what must be kept within the private cloud and what can be safely moved to the public cloud so that your most critical data is under your control.

If budget permits, enable replication of data from the cloud data store to your site or a trusted third party so that there is minimal risk of data loss.

3. Secure communications
Many cloud services use the public Internet by default to transmit data. This practice is inherently insecure. Use a virtual private network (VPN) to maintain a secure and controlled “tunnel” between your private cloud and the public infrastructure provider.

Be aware that additional costs and limitations may be involved. For example, it’s important to understand if a cloud provider supports a limited number of gateway devices or a specific encryption-in-transit methodology. Use devices and protocols that are supported across all platforms you may want to use.

4. Use strong authentication
Simple password protection is insufficient for working with sensitive data. There are many superior alternatives, such as biometric authentication, one-time password (OTP) tokens and two-factor authentication. Be sure any prospective cloud provider supports your preferred method.

Another alternative is to use your internal authentication system, such as Microsoft Active Directory or LDAP, to log in to cloud services. Directory-based authentication makes it easy to switch between cloud services without resetting passwords or changing procedures, and also provides audit trails for additional control.

5. Use APIs
Cloud computing has created an explosion of Application Program Interfaces (APIs), which enable applications to exchange functionality and data in a secure and manageable fashion. (For example, APIs are what enable your smartphone to access the current temperature without opening the full site.) Using APIs, administrators can specify what data is available to whom at what times and under what conditions.

Because APIs provide a standardized data exchange mechanism, they can be ported easily between cloud platforms. And by using APIs instead of exposing program code, your applications are not only more portable, but also more secure.

It’s important, therefore, to specify which APIs you need your cloud provider to support before signing a contract.

6. Hold onto the keys
Sensitive data should be encrypted at all times, both while at rest and in motion between your data center and the cloud. This is true even if you use a VPN. Be sure your cloud provider supports your encryption protocol of choice. And in all cases, make sure the keys are kept in your possession, not in the hands of the service provider.
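
One way to keep the keys in your possession is to encrypt on your own side before upload, so that any provider only ever stores opaque bytes and the same blob can move between providers unchanged. The Go code below is an added example, not code from the original article; the function names, the object name and the demo key are assumptions made for illustration, and AES-256-GCM stands in for whatever encryption protocol you have chosen.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptForCloud runs on your side and returns nonce || ciphertext+tag, bound to name.
func EncryptForCloud(key, plain, name []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plain, name), nil
}

// DecryptFromCloud fails on a wrong key, a modified blob or a different name.
func DecryptFromCloud(key, blob, name []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, errors.New("bad key or truncated blob")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], name)
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real one stays in your own key store
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	blob, _ := EncryptForCloud(key, []byte("constructed record"), []byte("hr/payroll.csv"))
	_, err := DecryptFromCloud(key, blob, []byte("hr/other.csv"))
	fmt.Printf("uploaded %d opaque bytes; relabelled blob rejected: %v\n", len(blob), err != nil)
}
```

Because the object name is authenticated along with the data, a blob that is altered or stored under a different name fails to decrypt instead of returning wrong data.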

Cloud computing provides a wide variety of options for the types of cloud services as well as the providers that sell them. Make sure security doesn’t hold you back from choosing the best one for your needs.
