Ask any CIO what they like about the cloud and you’ll get a variety answers: it’s simpler, it’s cheaper, it’s more efficient, it’s more scalable, etc. Ask them what they don’t like about the cloud and the answer is almost uniformly the same: security. Year after year, a perceived lack of security is the number one concern that keeps CIOs from fully investing in the “common” (i.e., public) cloud.
There are, of course, alternatives to putting everything into the public cloud. Many enterprises continue to use premises-based IT solutions as both a way to leverage their existing skill sets and maximize the ROI from their hardware/software investments. In fact, many enterprises have decided that a half-in/half-out approach to the cloud (frequently called a hybrid cloud) is the best strategy. But does a hybrid cloud represent a compromise between security and cost-efficiency, or can it actually enhance an enterprise’s security position?
5. Data security
Moving data from a private to a public network should naturally make a CIO nervous. Personally identifiable information like customer database records or credit card transactions are particularly sensitive, as compromised data can lead to lost customer trust and, ultimately, lost revenue. One of the advantages of a hybrid cloud is the ability to store highly sensitive data internally, but access it externally (and securely) via cloud-based applications. So long as secure access methods (VPN tunnels, authentication, encryption) are in place, a hybrid cloud can afford enterprises the best of both worlds in terms of data security and data mobility.
4. Industry compliance
Industry compliance requirements may look like alphabet soup to some—SOX, HIPAA, PCI—but enterprises need to follow them to the letter if they wish to protect their data and avoid hefty fines. This is why many hybrid cloud service providers make significant investments to ensure that their cloud platforms are industry compliant. As a result, businesses can find that a hybrid cloud solution actually gives them an advantage in terms of industry compliance without taking the burden on themselves.
3. Business continuity / Disaster recovery
This is one area where the cloud excels because of its natural redundancy and high availability. The benefit of deploying a hybrid cloud platform is the ability to back up internal applications and data in a separately maintained cloud to provide seamless disaster recovery and business continuity in the event of an internal network/hardware failure. Some hybrid clouds even offer geo-redundant servers so that no single point of failure exists in the cloud.
2. Network security
Any reputable hybrid cloud service will feature perimeter security (e.g., firewalls) to protect against unauthorized network entry. Some cloud providers, however, go beyond that to provide deeper levels of security through technologies like network virtualization and micro-segmentation that protect data and applications within the network as well. Here again, leveraging a cloud provider’s investments in security skills and technology can pay dividends to enterprises that may not have the same depth of skills and solutions in their own network.
1. Security control / Management
One of the common critiques against public cloud platforms is a perceived lack of control over security settings. Some hybrid cloud platforms address this issue by allowing their “tenants” to carry over security policies from their private cloud or internal data center to make security seamless between the public and private realms. In addition, hybrid cloud providers may offer a robust set of role-based security controls that allow IT administrators to tweak or change their security settings as needed.
Learn more about the cloud communications systems and on-premises communications systems that you can combine to create a hybrid cloud system >