A Hybrid Cloud isn’t the easiest Cloud model to use securely, but with the right architectural approach, it can be provide the flexible service your customers want.
Before going on, what is a Hybrid Cloud?
Well, it’s a combination of public (e.g. Amazon Web Services, Microsoft Azure etc. ideal for clients with low-risk commodities), private (those built exclusively for a single organisation tailored to their specific needs) and community Cloud service (build for a discrete community such as the Police).
A Hybrid Cloud is an excellent choice if you have an overall service that’s made up of a number of different components, some of which are sensitive and some that are not. Or if you’re launching a web service, but are unsure of what demand is likely to be so you want something that can cope with sudden demand surge.
As already alluded to, security can be an issue as you have to deal with the security considerations of both public and private Clouds.
Lee Newcombe, Chief Information Risk Advisor, Infrastructure Transformation Services Practices, Capgemini UK says:
“This is where the true value of security architecture shines through. If you have invested in defining a set of consistent and comprehensive logical security services (including functional and non-functional aspects) then you can choose appropriate physical implementations for each of those services relevant to the cloud deployment model and achieve the desired levels of security. Furthermore, if you have established a relationship with a Service Integration and Application Management (SIAM) provider, then you can also ask the SIAM to provide a set of common security services across your cloud-based supply chain. Services such as identity management, security monitoring and PKI management can all be centralised and re-used where necessary. An upfront investment in security architecture enables you to support your business stakeholders to adopt cloud services rather than frustrate their desire for agile, flexible service provision. Hybrid cloud is certainly not the easiest cloud model to deploy securely, however an architectural approach to security, conscious of business context, makes an appropriately secure deployment possible.”
Understanding your business needs (both current and future) will help you determine which Cloud solution is right for you.