When it comes to the secure hybrid cloud, Identity has many different definitions from a device a user is using to the combination device, location, password, and other multi-factor authentication means. Even with all the technology there is still the question of where the identity store lives (the bits that contain the identity for all users, devices, etc.) as well as how do you prove identity once the user goes somewhere within the cloud which is outside your control?
TVP Strategy Archives
Edward L. Haletky, aka Texiwill, is an analyst, author, architect, technologist, and out-of-the-box thinker. As an analyst, Edward looks at all things IoT, big data, cloud, security, and DevOps. As an author, he has written about virtualization and security. As an architect, Edward creates peer-reviewed reference architectures for hybrid cloud, cloud-native applications, and many other aspects of the modern business. As a technologist, Edward creates code prototypes for parts of those architectures. Edward is solving today’s problems in an implementable fashion.
Analytics within the Secure Hybrid Cloud
A big part of the secure hybrid cloud is the need for multi-tenant analytics to determine when security events and compliance issues happen. However, analytics cover many different aspects of security within the hybrid cloud from being a control point for compliance to handling vulnerability scanning. What are the requirements for multi-tenant analytics?
End User Computing within the Secure Hybrid Cloud
When we look at the secure hybrid cloud, the entry point to the hybrid cloud is the end user computing device, whether that device is a tablet, smart phone, desktop, laptop, google glass, watch, etc. We enter our hybrid cloud from this device. From there we spread out to other clouds within our control, clouds outside our control, or to data centers. How these devices authenticate and access the data within these various places within the hybrid cloud becomes a matter of great importance and has been a concentration for many companies. How we protect the data that ends up on the end user computing device is also of great importance.
Data Protection for the Hybrid Cloud
In many cases, when we mention Data Protection for the Hybrid Cloud, we are usually talking about backing up to the cloud. The cloud becomes a repository of our backup images and in some cases those backup images can be launched within clouds that use the same technology. Being able to send data to the cloud is becoming table stakes for infrastructure as a service (IaaS) data protection. However, once we move outside the realm of IaaS to Platform or Software as a Service (PaaS or SaaS), data protection is hit or miss.
Securing the Hybrid Cloud
The secure hybrid cloud encompasses a complex environment with a complex set of security requirements spanning the data center (or data closet), end user computing devices, and various cloud services. The entry point to the entire hybrid cloud is some form of End User Computing device whether that is a smart phone, tablet, laptop, or even a desktop computer. Once you enter the hybrid cloud, you may be taken to a cloud service or to your data center. The goal is to understand how the data flows through out this environment in order to properly secure it and therefore secure the hybrid cloud, but since it is a complex environment, we need a simpler way to view this environment.
Privacy in a Big Data World
As we look at privacy of big data within any cloud, on premise, or mixed, we need to realize that the amount of data could be so large that retroactively redacting data may be itself a big data problem and that redacting well defined PII is a possibility on ingest as well as using tools like DataGuise to redact, encrypt, tokenize, etc. such data retroactively can be accomplished as another big data task, but that only handles well known PII. How do we handle derived PII?