What is the hybrid cloud?
Briefly, a hybrid cloud is surroundings that use a public cloud combination of third parties and a local private cloud, with orquestration between the two. When the service loads move between these two platforms, the private cloud and the public one, obtain a greater flexibility and more options of implementation of data. This allows to respond to the computer science changes and the enterprise needs him with agility. It sounds truth well?
In order to establish this surroundings of computation in the unique cloud, it needs the availability an Infrastructure as a public Service (IaaS) as AWS (Amazon Web Services) Google Cloud Platform or Microsoft Azure. Secondly, it needs the construction of a private cloud (or through a supplier of the cloud or in its own facilities). The third component is a good connectivity of network of ample area (WAN) between the public and deprived cloud. Finally, it must make sure that their hybrid cloud is safe. Here it is where the security of the hybrid cloud enters game: why it is important and what implies?
Security in the hybrid cloud
Although it can have a firm control on the data in his own deprived cloud, once it begins to venture itself in the space of the public cloud, the things become more complex. As more companies happen to hybrid cloud surroundings, more problems arise from security of data. These are the main preoccupations:
Management of policies in the cloud:
Whereas the policies and the procedures within the datacenter prevailed of the organization are established, these policies can not be transferred well when it is the public cloud. Therefore, the challenge is to create, to form and to maintain a security policy that is uniform in all the network. This includes rules of firewall, identification/authentication of users and companies IPS, among others things.
Flights of data:
Key problems for the administrators of security of data are the visibility of the data. When one is to decide where the data are due to store, the organizations must spend time, attention and an enormous amount of thought. And even thus, it is easy to lose the pursuit of the data without guaranteeing an suitable visibility of the data.
Fulfillment of the data:
Before the organizations can transfer data and applications to a cloud of suppliers of services, they must make sure that they understand all the laws of normative fulfillment that are applied to their data, or are data of credit cards of clients or data distributed in multiple geographic locations. In last instance, it is responsibility of the organization to make sure that the data of any nature well are protected. The suppliers of services in the cloud and the suppliers of services of lodging Web in the cloud will inform to the organizations to what standard of fulfillment they adhere. If more is required, the responsibility falls to the organization to explain those needs.
All the tools, procedures and practices of security must be scaled for the growth. If that has not become, the companies can make blockades of highways because they neglected the construction of a security architecture that adapts to the infrastructure resources of the organization.
This takes us to the final question: How to protect the hybrid cloud?
Although the hybrid cloud surroundings are more complex, multiple solutions and practices of hybrid cloud security exist that the organizations can implement to maintain it safe.
It isolates the critical infrastructure: the organizations incredibly store confidential data in the cloud. Nevertheless, the access to these data must be isolated and restricted to a little personal key, or of which they require it specifically.
Protection of final points: the use of the infrastructure in the cloud does not eliminate the necessity of security of final points. Often, the threats and the attacks begin in the level of full stop. Consequently, the companies and the organizations must implement the suitable security of the final points by means of the election of integral solutions of security that offer the inclusion of applications in the white list and the protection of the vulnerability of the navigator.
Coding of data: the data, in transit and rest, must be amounted as safety measure. The organizations also must protect the data, while they are used and process by an application in the cloud. This will assure that the data are protected their service life throughout. Although the coding methods vary in agreement with the suppliers of services, the organizations can choose the coding method soon whom they prefer and look for lodging suppliers that offer the same.
Backup copy of the data: she is essential that the organizations realise backup copies of their data, as much physical as virtually, in case an attack or fails of the system causes a loss of data (or temporary or permanent). The backup copy of the data of its website and other applications will guarantee that the data are accessible at any moment.
It creates a plan of continuity and recovery: he is vital that the organizations create an endorsement plan to guarantee that the operations in a while continue working without crisis problems (this could include you power shutdown in the datacenters or the interruption of the services). A recovery plan could include backup copies based on images, that will create copies of computers or virtual machines, that can be used to recover or to recover data.
Evaluation of risks: a good practice that must follow the organizations is to constantly update the practices of analysis and evaluation of risks. Of that way, organizations can review the state of fulfillment and the capacities of security of the supplier of the cloud. Also she allows the organizations to see her own internal tools of development and orquestration. The organizations also must watch the administration of operations, the tools of monitoring, the tools of security and the controls, as much internally as in the public cloud. A monitoring of this type allows the security equipment to maintain the clarity and the confidence in the controls that are at the moment in use and will give time them to modify them if it is necessary.
A lodging supplier chooses reliable Web: when a supplier of lodging in the cloud for its website chooses, the organizations must consider the security capacities. The supplier of the service must be conscious that the security is a key preoccupation and must provide safety measures adapted to maintain its reliable datas. The suppliers of Good Cloud Hosting use the storage systems to guarantee an unshakeable stability. This guarantees that it does not have to worry about the loss of data due to hardware faults.