Servers & Systems: The Right Compute

Curing the 5 most common hybrid IT security risks

Curing the 5 most common hybrid IT security risks_Blog2_shutterstock_600929006 (4).jpgEvolving threats to security and compliance may cause an SMB to shy away from transitioning some assets to the cloud, but learning to address Hybrid IT security risks could be the answer.

For small and midsize businesses adopting a cloud-based approach to managing their data and applications, security is a top concern. Evolving threats to security and compliance may cause a business to shy away from transitioning some assets to the cloud.

A Hybrid IT solution could be the answer. This approach enables companies to achieve the agility, cost savings, and accessibility of the cloud, while enjoying the peace of mind generated by on-site control.

Just beware of these five Hybrid IT security risks plaguing SMBs today—and know how to remedy them.

1. Ignorance is not bliss

Diving into Hybrid IT without keeping an eye on security is not wise. Even if you know what security issues to be aware of, your business might still lack the in-house experience needed to securely manage a Hybrid IT solution. If you don't have an IT security expert in-house, then you should be aware that you inherently lack information. To remedy this, do your due diligence when choosing a cloud service provider.

Tip: Pick a provider that you trust, and maintain strong and open communications with them about your current and future security needs. It's more difficult to track and respond to intrusions when you have more locations, devices, and transactions to keep tabs on, so developing a communicative relationship with your provider is essential. You should also perform your own local security measures, such as requiring strong passwords and implementing two-factor authentication.

2. Protocols don't always easily translate between environments

Your business might be familiar with managing authentication, authorization, and identity management for on-site data and applications, but as you expand into a Hybrid IT approach, those tried-and-true processes must work in two environments. For example, consider the issue of security compliance. If your company deals with payment card data, you may have to demonstrate that both your internal systems and your cloud provider are compliant with the Payment Card Industry Data Security Standard. However, the methods you use to prevent a leak on an internal system may not directly translate or apply to the cloud.

Tip: Once you adopt a Hybrid IT solution, you should ensure that data transfers are appropriately protected. There isn't a one-size-fits-all solution; this balance is based on specific needs, individual workloads, and IT resources. For example, you shouldn't move card data and payment information from a compliant database to a less secure public cloud storage system.

3. On-site doesn't equal secure

Don't be fooled by thinking your data on the cloud is at greater risk than data stored on-site. Sometimes, the opposite is true. For instance, consider the ransomware attack suffered by a senior care business in Texas, as reported by Yahoo Small Business. While data the business backed up to the cloud remained safe, hackers managed to encrypt files stored only on-site, forcing the business owner to pay a ransom to obtain the decryption code.

Tip: Create a thorough Hybrid IT security strategy to ensure all your data, whether stored on-site or on the cloud, is protected on all fronts. For instance, your IT team is responsible for knowing where company assets are housed and who has access to them.

4. You'll lose some control

When you move certain workloads to the cloud, you might struggle with losing control of these applications, says Carnegie Mellon University. For instance, a software update in the cloud may catch you off guard and create integration problems with other programs, leading to disruptions among some of your most critical business applications.

Tip: Maintain constant communication with your cloud provider, prepare for possible disruptions, and automate your risk management with the right software.

5. Things can go haywire quickly

When your company data is available on the cloud and your employees, partners, and contractors are accessing it from their devices, you can lose control of how your assets are handled and shared. Additionally, new hires and employees granted temporary access present a unique challenge to maintaining consistent security.

Tip: When users don't understand or follow proper security procedures, they put your entire company at risk. Robust security education programs will keep your business and its sensitive data safe and out of untrained or lazy hands. Spreading awareness of Hybrid IT security risks is the first step to securing your organization and curing the ailments associated with poor security. Your employee and customer data will be safer in the long run, and a proactive approach to security will keep your business running and avoid the unnecessary downtime caused by a breach.

Need help connecting your SMB to the cloud? See how Hybrid IT can solve your IT challenges.

Ready to take the next step? Check out the SMB Hybrid IT for Dummies Guide. Because there are no "dumb" questions!

Or are you ready to purchase? Visit the HPE Store.

Robert Checketts
Hewlett Packard Enterprise

0 Kudos
About the Author


Robert has over 25+ years of IT Marketing and Product Management leadership experience spanning country, Regional and WW organizations. Robert is a marketing executive with extensive experience in field marketing, channel marketing and product marketing on a global basis and is driven to deliver SMB’s end-to-end affordable infrastructure that’s secure from the start, optimized for every workload, packaged for many consumption models, ready to scale, and easy to manage.