Grounded in the Cloud
cancel
Showing results for 
Search instead for 
Did you mean: 

Technical Cloud Security: The need for hybrid cloud security

SimonLeech

This is the first in a series of videos and blogs looking at some of the technical aspects of hybrid cloud security. Today we will introduce the series by discussing the need for hybrid cloud security. Other videos in the series can be found by searching for the tag cloudsectechvideos.

Moving part or all of a business to the cloud is a big transformation project for organizations of any size, and senior executives need to pay attention to all of the risks before signing off. So it’s not a surprise that 451 Research highlighted security, data sovereignty, and regulatory compliance as the top three concerns facing enterprises when adopting cloud in a recent study.

In this video, the first in a series, we are highlighting the need for hybrid cloud security by looking at the results of three areas of recent research.

Firstly, the 451 Research report, Critical Security and Compliance Considerations for Hybrid Cloud Deployments, commissioned by HPE, talks about the challenges that IT leaders identified when interviewed by 451. These can be summarized as the need to maintain consistent security policies across both traditional and cloud environments, the need to secure data, both at rest, in use, and in motion, and the importance of ensuring compliance with regulatory and policy requirements.

Secondly, we look at statistics coming out of various vendor reports, and the relevance of these statistics in a cloud context. For example, on average cyber criminals are inside an organization for 146 days before they are identified, and 84% of recent breaches took place at the application layer.

Finally, we investigate the Cloud Security Alliance report looking at ‘The Treacherous 12’ – or the top threats in cloud computing in 2016, something we have already covered in detail on this blog in the past.

It’s important for the information security practitioner to have a clear understanding of the technical security risks of any new platform that is being considered as early as possible in the lifecycle of the migration project. Part of this due diligence from a cloud perspective should include understanding any security challenges that are introduced in the cloud, understanding the specific cloud security threats, and being aware of the differences in cloud deployment models.

 

 

To learn more about hybrid cloud security, download the whitepaper from 451 Research Group. You can also learn more about the HPE approach to Hybrid Cloud Security. Other videos in the series can be found by searching for the tag cloudsectechvideos.

0 Kudos
About the Author

SimonLeech

Simon Leech is a Certified Information Systems Security Professional with a specialisation in Security Architecture (CISSP-ISSAP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified in Cloud Security Knowledge (CCSK) and Chief Technologist Security within the Hewlett Packard Enterprise EMEA Hybrid IT Team. Within Hewlett Packard Enterprise, Mr Leech is responsible for influencing and evangelising the security strategy of the Hybrid IT team. Simon is active on Twitter as @DigitalHeMan

Events
28-30 November
Madrid, Spain
Discover 2017 Madrid
Join us for Hewlett Packard Enterprise Discover 2017 Madrid, taking place 28-30 November at the Feria de Madrid Convention Center
Read more
HPE at Worldwide IT Conferences and Events -  2017
Learn about IT conferences and events  where Hewlett Packard Enterprise has a presence
Read more
View all