How to manage cloud security in a hybrid/mobile environment

One common theme I come across when working with clients is the need to achieve balance. The objective is to create new and innovative services that grow and enhance the business. Achieving that while also delivering availability, reliability and security is where the challenge becomes complex.

If you look across a hybrid cloud estate, which brings together traditional systems, public clouds, known and anonymous mobile users, the points of risk are wide and varied. It’s easy to inhibit a service, through disproportionate constraints, to the point where it becomes all but unusable. We’ll take a look at the security concerns associated with this challenge, and how to safely open the service to its maximum potential.

Hybrid and mobile have a varied set of threats associated with them. So let’s look at a few, starting with data locality. In essence, this is the question, “Where is my data when it is in the cloud?” Is it on my premises, in a public cloud data center, on a mobile device, or a mix of those?

Data partitioning (knowing what data you have, what can go out into the public domain, and what crown jewels need to be kept secure) is a core design concept for any hybrid implementation. The ease and value of a cloud, with its ability to rapidly spin up servers and move virtual machines from place to place, itself becomes a data management worry when it comes to meeting geolocation regulatory controls. Mix in mobile devices that are used by either known or anonymous users, whether corporate-sourced or BYOD, and you have an end user estate where control is possible in some places but not practical in others.

Human nature also plays its part, and even with the best intentions, end users do not prioritize securing their mobile devices. This opens multiple potential access points to corporate data.

Hybrid also brings a particular problem, in that it brings together vendors and clients that will, by definition, have differing views of risk management. Differing policies, approaches, and regulatory adherence mean that a traditional centralized security policy no longer fits the bill.

The number of potential risks is seemingly endless, and it is easy to conclude that this is too hard a problem to address. A more secure solution runs the risk of significantly reducing the business value that cloud’s flexibility offers.

Traditionally, a defense in depth approach has been taken to securing any system. IBM’s MobileFirst method, for example, provides a development capability that is fast, repeatable, secure, and standardized with a consistent user experience. It is easily integrated into the enterprise, which allows speed and creativity in the service being created, while building it on a solid foundation.

Move into the cloud data center, and this solid foundation continues to be strengthened. Good practice such as continual monitoring, encryption, data sanitization and ongoing penetration testing, hosted in physically secure locations, many of them in-country, and independently accredited to ISO 27001 level, provides confidence that we value your data as much as you do.

But what makes this approach to security unique is the amount of transparency in the process. Open inspection demonstrates the ability to deliver the necessary security levels. Moreover, we work with you to build a level of security that is tailored to your needs and specifications so that the risk level is one you set rather than one that is imposed.

This layering approach should be transparent, from the staff that service your systems to the way your service provider engages and works with you.


Cloud Advisor, IBM Cloud
