The path to multi-cloud – a multi-dimensional problem!

The path to multi-cloud – a multi-dimensional problem!

The path to multi-cloud – a multi-dimensional problem!

By Ashwin Krishnan

‘Cloud’ is all the rage – and for the right reasons.

More practically, for enterprises who have been around for 5+ years, this rage is chastened with the need to balance the investment, learnings and governance put in place for their on-premises investments against their cloud investments – not to mention the unlearning and relearning that goes along with the cloud journey as well as the modified – as appropriate – governance model! That is a mouthful and it is – there is no easy way out.

But let’s dig a little deeper into multi-cloud for a second. Starting with the definition – if an enterprise is in more than one public cloud, that is multi-cloud. And lots of organizations are already there – whether they know or even like it! For instance, if you are using Microsoft Office 365 and Google Docs – #Boom – you are in multi-cloud already! And to boot, as I mentioned earlier if you still have on-premises compute and storage along with more than one public cloud – you are hybrid with multi-cloud. I am not trying to be over-dramatic here but most organisations have never even looked at what the SLA’s and more importantly the impact of a breach could do to them. And this is different for each cloud.

Cybersecurity Travel Tips When Going Abroad

For instance, AWS has famously published a ‘Shared Responsibility Model’ where they articulate clearly what AWS is responsible for versus what the customer is responsible for. But this is only applicable to AWS. IBM Bluemix on the other hand, has a different model. And if an organisation isn’t at least aware of this difference (hats off if they have run a doomsday breach model against each of this!), they are doing themselves and their customers a huge disservice.

But there is one common enduring substrate that is common across these disparate public clouds – and on-premises brethren as well – and that is the ‘data’. This data could be your intellectual property, your customer data, legal records – it does not matter. What matters is that this data is secured regardless of which cloud you use, what variances of the ‘shared responsibility model’ exists between these clouds and an easy to comprehend ‘doomsday scenario planning and recovery’ that is consistent.

OneLogin data breach: Hackers decrypt secured user data, apps and keys

Well, maybe that is too good to be true and I am just toying with you – no such model exists? Wrong – it exists and it what made us #WannaCry recently – encryption. By identifying data – regardless of whichever cloud it may be resident in – and encrypting it beforehand, enterprises have already taken a huge leap forward in protecting themselves (and their customers). So, if it is that obvious, why isn’t every enterprise rushing towards encryption at the same pace as they are rushing towards multi-cloud. The answer is ‘Its complex’. While the process of encryption itself has taken leaps, and bounds in terms of efficiency (there was a significant tax it would impose in the past on compute and memory, nowadays that has improved dramatically), the options of where to encrypt, where to manage the keys and most importantly WHO has access to these keys need to be asked and answered! And this is true of multi-cloud and hybrid multi-clouds.

We will look at the options that exist in the next installment of this series. Stay tuned!

 -Ashwin Krishnan is Senior Vice President of Product Management, Strategy, Technical Marketing at HyTrust

Copyright Lyonsdown Limited 2021

Top Articles

Carnival Cruises hit by fourth data breach in 18 months

Carnival Cruises, one of the world’s largest cruise ship operators, has confirmed that it suffered another data breach in mid-March.

NHS Test & Trace Consolidates Cyber Security

NHS Test and Trace has teamed up with cybersecurity company Risk Ledger to proactively manage its supply chain cybersecurity risks.

The expert view: Accelerating the journey to the cloud

At a virtual seminar on 9 June 2021, sponsored by managed IT service provider Sungard Availability Services, eight senior IT decision makers gathered to discuss how organisations can accelerate their…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]