Source
The lure of the public cloud
The many benefits of the public cloud have engendered fervent converts among app developers and software providers. It’s these developers who’ve led the push towards a less-private, more-public cloud mix that a majority of industries now use.
Minimal investment in hardware, licenses, maintenance and other upfront expenses make the public cloud a viable option attractive to both IT and finance departments. The speed and reliability of public clouds make them ideal ecosystems for hosting apps and software that demand consistently high performance capabilities.
Competition among public cloud providers keeps the public cloud an innovation-driven landscape. To a certain extent, this allows developers to build on pre-existing infrastructure so companies can minimize investments with less frequent upgrades. Cloud services also allow businesses to scale up or down their cloud footprints, based on changing workload and budget needs.
It’s not cloud-cuckoo land
These benefits come gift wrapped with some warnings about using the public cloud to run a business effectively and efficiently. While the public cloud offers instant scalability, it also takes away control from company IT administrators and plugs data and systems into Cloud Service Provider (CSP) policies.
Businesses can usually select geographical regions where their apps would run and where their data would live on the public cloud, but aren’t always able to choose exact locations like specific countries or cities. Having critical services and apps on the public cloud exposes businesses to downtime, whenever there’s a server issue or outage at the CSP.
Data that lives on the public cloud is only as secure as the most vulnerable gateway on the CSP’s network. As more sensitive business data—like customer, healthcare and financial details—is held in public clouds, CSPs become irresistible targets for hackers.
Sometimes the problem can be entirely out of your control. A co-tenant’s error in securing his systems can result in security threats or breaches to your data, for no fault of your own.
How to venture into public cloud without getting rained out
The public cloud and hybrid cloud are here to stay because the benefits of these solutions far outweigh any challenges or threats they may pose. With the right combination of policy and execution of cloud infrastructure, most threats can be controlled and mitigated.
1. Rethink security models for the cloud
The hangover of legacy ideas in developing security systems for cloud operations is a real bane of this transitional era in cloud computing. What worked for traditional on-premise applications and infrastructure will not work in the cloud, especially not the public cloud.
Unlike an on-premise system, the public cloud limits the extent of control and customization you have over how you protect your assets in the cloud. It’s a good idea in such a scenario to rejig application architectures to make them more secure, knowing that they’re going to live on a public cloud network. Another approach is to clearly define perimeters of the network to limit exposure to data and applications.
2. Avoid the temptation to DIY
Cutting costs is often one of the chief reasons for moving to the public cloud from a private, on-premise or hybrid setup. In the enthusiasm to cut costs, too often IT administrators resort to a slap-dash, DIY process guided by homespun strategies that may not be the safest or most responsible way to handle data, applications and associated infrastructure.
A McAfee study shows that nearly 50% of businesses are delaying the move to the cloud due to a paucity of cybersecurity professionals with the right skill sets. No matter how deceptively simple the transition may seem, trust professionals with the task. Alternately, deploy a dedicated app like Nutanix Move to do all the heavy-lifting involved in a cloud transition in a seamless, automated manner.
3. Shared responsibility is a reality
“Unless companies and CSPs clearly divide all the responsibilities for cybersecurity in public cloud environments, some responsibilities could fall through the cracks,” according to a McKinsey report on public clouds. Over the past half-decade or so, CSPs and their customers have reached an unspoken agreement that the onus of securing the cloud network was on the CSP.
CSPs offer multi-factor user authentication to regular analytics on system usage and real-time security alerts. On the other hand, the client would be responsible for maintaining adequate security controls for all its data on the cloud, by hashing and salting passwords and PII. Similarly, making sure app architecture is designed with security front and center gives clients a degree of control over their cloud resources.
4. Unify control across private, public and on premise resources
It’s extremely common for businesses to have some of their applications run on private clouds, some on public clouds, some on-premise and even others on a combination of all of these. However, as we’ve seen, the security methods required to manage each ecosystem are unique in their own way and trying to force-fit one method on an unrelated cloud or on site network is a recipe for disaster.
Investing in a comprehensive, cross platform security suite is a great way of securing all your assets, whether on the public cloud or otherwise. Nutanix Beam is an example of a multi-cloud security solution that not only gives IT admins complete visibility across all cloud data, applications and infrastructure; it also helps identify and fix security vulnerabilities in real-time.