How a hybrid cloud architecture stops the data loss and shadow IT threat

(c)iStock.com/Erik Khalitov

Cloud computing continues to evolve at a fast pace, while having a large impact on modern businesses.  Many organisations are considering or trialling cloud adoption, with Gartner predicting cloud computing as one of the 10 strategic technology trends for 2015, once again, showing its continuing momentum.

Cloud provides organisations with many benefits, such as the potential to reduce costs while increasing value by allowing the more efficient use of IT resources. It also has the ability to increase capacity while reducing the need to purchase capital equipment. Whilst there are many benefits, there are also some concerns around protecting data and applications from any possible vulnerabilities and threats, including shadow IT.

Cloud migration

Many believe that migrating data from existing data centres to the cloud means foregoing security, data ownership and weakening internal controls and audit trails. With a private cloud, data should be as secure as it is in an existing data centre, while with public and service provider clouds, security can be assured if sensible precautions are taken. However, the problem is that many migration projects are often rushed or not completed properly due to pressure from the business to simply ‘get it done’.

Before any migration project, it’s important to understand the current business environment, why data and applications need to be migrated and to examine any configuration requirements, particularly around the definition of user and system roles which are often far too broad in a traditional data centre setup. Organisations can do this by conducting a full audit and clean-up of the organisation’s security environment before starting the migration progress. This should include scope-based and role-based access requirements – in other words, who needs access to what and what they can do to it.

The easiest and most secure way to migrate data is through a two-stage migration process. This means attaching non-virtual, physical, existing servers to cloud storage – treating this as storage-as-a-service – then migrating the compute workload as and when the business is ready.

Shadow IT

IT departments no longer have control over all IT solutions implemented within the organisation, in fact their control risks being reduced as increased business flexibility is demanded. A shadow IT ecosystem has emerged where every single employee has the potential to act independently from the IT department, implementing cloud applications that may be convenient to them, but could pose a significant threat to their organisation’s information security and availability, potentially impacting its customers and consequently its revenue.

In some cases, customers may leave if you have a sustained outage or loss of client data. In turn, if end-users who’ve deployed rogue cloud apps leave, taking passwords with them, the enterprise can become locked out of their account. If this were to happen, the loss of client data or, more importantly, the loss of enterprise data presents a real risk to both reputation and security.

Enterprises can mitigate some of the issues of shadow IT by adopting hybrid cloud architecture. This provides the flexibility demanded by business units while also being structured and secure, maintaining control and assuring data governance. As enterprise IT evaluates the best technical approach for hybrid IT management, it’s vitally important that the speed, flexibility and agility drawing end users to public clouds in the first place be preserved in the hybrid model. Although you can’t be 100 per cent sure that the information you store on the cloud is safe, you can use these protective measures in order to make sure it is as secure as possible.