Shifting to Software-Defined
Showing results for 
Search instead for 
Did you mean: 

Best Practices for Securing a hybrid cloud


451 Research recently published a new study, Critical Security and Compliance Considerations for Hybrid Cloud Deployments. The results of this study showed close to three-quarters of the respondents are deploying hybrid clouds, where hybrid clouds are define as a infrastructure that has links between a private cloud and a public cloud or third party cloud. Hybrid cloud is clearly becoming the preferred architecture for the future.


This study also found, as enterprises adopt hybrid cloud, their number one concern is security. The significant number of stories about data breaches has enterprise concerned about break-ins, but even with this heightened awareness, security concerns aren’t stopping enterprises from deploying hybrid clouds. The benefits of moving to a hybrid cloud are driving enterprises to carefully plan their hybrid cloud to address their security and compliance concerns.

Through this study, the 451 group found 4 best practices enterprises need to follow in order to secure their hybrid clouds

Data Protection. A fundamental part of security is data protection. Data in motion, in use or at rest must be protected, especially as public cloud is employed a part of the application infrastructure. Protecting data in the public cloud, and as it moves to or from the public cloud, is critical

Infrastructure and Network Protection. Perimeter security is no longer good enough. Enterprises must create security zones and employ centrally managed network protection as today’s applications often require data to traverse environments.

Identity and Access Management. Consistent access control and role-based access management, connected to an enterprise directory, is critical for hybrid cloud environments. Uniform access policies and enforcement mechanisms must be defined to prevent unauthorized access.

Logging, Auditing and Reporting. Collecting logs from multiple reporting tools that monitor public, private and traditional IT, unifying log data into a common format, and employing analytics to identify anomalies is a critical requirement. Using automated tools to assist with compliance checking and auditing is also very important.

To find out more about these best practices and learn about satisfying compliance requirements and risk mitigation for hybrid clouds, read the 451 report, Critical Security and Compliance Considerations for Hybrid Cloud Deployments.

About the Author


Ken Won is the Director of Cloud Solutions Marketing at HPE. He is responsible for marketing the HPE Helion brand and HPE cloud solutions. Before joining HPE, Ken spent over 20 years in the high tech. industry at companies such as Sun Microsystems, Silicon Graphics, AMD and Force10 Networks. Ken has a B.S. in Electrical and Computer Engineering from University of California, Santa Barbara and an M.B.A. from Santa Clara University.