Create a Single Unified Security Policy for Hybrid Cloud
By Linda Musthaler, Principal Analyst, Essential Solutions
In my last article, I talked about the ways that Cato Networks helps to overcome the problems of SaaS cloud sprawl. Now let’s look at the challenges posed by Infrastructure-as-a-Service (IaaS) sprawl.
“Cloud sprawl” refers to the problem of an enterprise having so many cloud services in use that it has lost track of who is using the services, and for what purposes. Who is creating virtual servers in the Cloud? What data is being moved to or kept in the Cloud? Who has access to the data? How is it being secured? These and other questions bring up real security and compliance issues.
IaaS refers to the use of cloud datacenters such as Amazon Web Services (AWS), Microsoft Azure, Rackspace Hosting, and numerous others. Companies are moving a lot of services to the cloud. Gartner expects the worldwide cloud system infrastructure services market to grow 38.4% in 2016 to a value of $22.4 billion.
Traditionally, companies have invested heavily in cloud infrastructure in their own datacenters, but they also use a third-party public cloud, particularly when they need to move apps to the cloud, which results in what is called a hybrid cloud. Now some of the resources are local to the datacenter, and some are located in the public cloud. The company must manage both platforms and connect them, which raises challenges around security and connectivity.
The first question is how to manage security policies on multiple clouds. Each computing platform, such as VMware NSX in the datacenter and AWS in the public cloud, has its own management tools to secure and control its own specific environment. However, these tools don’t work well when applications span platforms, such as when an on-premises order entry application bursts into the cloud for extra capacity during heavy traffic times like holiday shopping.
Without a single management tool that works across both the datacenter and public clouds, organizations cannot manage a unified security policy for data and applications. Managing two separate clouds, as shown in the illustration below, gets far too complicated and is prone to errors that can lead to lapses in security.