November 11, 2015 | Written by: Joanne Scouler
Share this post:
Cloud security can mean many different things with no one size fits all security solution, but cloud management and cloud orchestration are important pieces of the puzzle. When a company has multiple cloud providers in a distributed cloud model, they need overarching cloud management for control and visibility across the whole cloud –the first basic step toward securing it. And to effectively manage cloud, the ability to automate IT processes and orchestrate business processes is required. Orchestration is the coordination of automated tasks across tools, teams and environments.
In a hybrid cloud there are many places to put data, and storing sensitive data in the right place is important. When a company has a data breach for storing data in the wrong country or wrong part of the hybrid cloud, it can cost huge sums of money and damage credibility with customers.
Hybrid cloud security is complex, there is the issue of:
- How to secure data
- How to secure applications
- How to secure the infrastructure
There is also the increasingly important concern about how to secure mobile devices that connect to the cloud. IBM has tools that address all of these cloud security concerns.
Companies are asking important security questions of their public cloud service providers. And for companies new to the cloud, they want to develop an up-front risk mitigating hybrid cloud strategy. Security questions are the number one type of question we receive from customers using Softlayer for their public cloud. Security is one of the main drivers for the growth in private cloud.
There are many different ways to set the right level of security in the cloud. Often the do-it-yourself security approach for a hybrid cloud may be the right choice because you do not want to lock your security policy to your public cloud providers or your public cloud provider may not address security concerns to your satisfaction.
Cloud management at a level above the infrastructure layer, monitors connections between private and public clouds, so security policies can be applied consistently. Policies can be set up so data and applications are consistently deployed where you want them to go, while ensuring sensitive data is only deployed where properly secured.
In addition to the traditional security tools like authentication, firewalls and malware protection, approvals and notifications can help secure data and applications that are deployed in a hybrid cloud.
You can customize event-triggered approvals to run during events such as a new data deployment on a hybrid cloud. This is one way to confirm you are deploying the data to the right part of the cloud. You can also set up approvals as a process to run when you do an application deployment to the cloud. Notifications and approvals may not be thought of as traditional security methods but they are certainly a good way to provide another level of authorization.
Is your cloud managing you or are you managing your cloud? Gain the visibility and control you need in order to effectively manage security across your whole hybrid cloud, not just a piece of it. Cloud orchestration is the air traffic controller for your hybrid cloud.
For more information contact Joanne Scouler at firstname.lastname@example.org or @joscouler on twitter.