Q
Manage Learn to apply best practices and optimize your operations.

How do I ensure hybrid cloud security and performance?

Deployment is only half of the hybrid cloud battle. How can I guarantee my hybrid environment is secure and high-performing?

Following the major breaches at retail giants Home Depot and Target, cloud security typically tops an organization's...

list of concerns. And while cloud wasn't directly responsible for these breaches, it's critical to secure sensitive data within the hybrid cloud -- especially if that data is stored or processed in the public cloud. Security breaches damage a company's image, deter customers and result in significant penalties, so it's vital to address security during hybrid cloud planning instead of after a breach.

Data and business protection drive cloud security. To avoid hacking, data interception or data leakage, enterprises can encrypt data in transit and at rest. While there aren't specific standards or practices for hybrid cloud encryption, it's important for hybrid cloud operators to select an encryption platform that works seamlessly between public and private clouds.

Meanwhile, some public cloud providers, such as Amazon Web Services (AWS), include encryption. AWS Simple Storage Service includes encrypted data transfers and automatically encrypts uploaded data. However, if your cloud provider doesn't include encryption, third-party encryption tools, such as Boxcryptor and CipherCloud, can handle it.

Regulatory compliance is another major component of hybrid cloud security. Government regulations restrict where, geographically, sensitive data is stored. Even though cloud computing erases political borders, data still resides on physical hardware subject to local government jurisdictions. And because not all jurisdictions equally enforce intellectual property protections, companies may have to use cloud providers with guaranteed regional presence.

It's important for hybrid cloud operators to work with public cloud providers to maintain geographic limitations -- and to iron out those terms in any service-level agreement (SLA).

Finally, to monitor private and public cloud activity, as well as identify events including unauthorized data access, data leakage or breaches, hybrid cloud adopters must use security tools and policies.

Don't ignore performance or SLA enforcement

While it's important to understand a provider's SLA, it's just as critical to monitor a provider's performance and ensure SLA enforcement. Public cloud providers try to sell more computing resources, while private cloud workloads fluctuate. This means hybrid cloud traffic and load conditions are always changing, so acceptable performance today may not be acceptable tomorrow.

To maintain a positive user experience and ensure providers deliver the service levels promised in the SLA, continuous and proactive performance monitoring is essential. Businesses can employ third-party tools, including those from ScienceLogic, Zenoss and Cloudyn, to help monitor performance.

Hybrid cloud administrators can track performance and make educated decisions about computing capacity. For example, administrators can suggest when it's time to migrate a public cloud workload to a larger VM instance or allocate additional computing resources to a private cloud workload. Tools can also help identify public cloud downtime or other availability issues that might violate SLA terms. While such violations yield few, if any, penalties for the provider, monitoring can prompt the discussions that lead to corrective action.

Stephen J. Bigelow is the senior technology editor of the Data Center and Virtualization Media Group. He can be reached at sbigelow@techtarget.com.

Next Steps

Creating a hybrid cloud from your private cloud model

Building a hybrid cloud requires control

VMware reinforces its hybrid cloud push

This was last published in April 2015

Dig Deeper on Data security in the cloud

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Which security tools does your organization use for hybrid cloud security?
Cancel

-ADS BY GOOGLE

SearchServerVirtualization

SearchVMware

SearchVirtualDesktop

SearchAWS

SearchDataCenter

SearchWindowsServer

SearchCRM

Close