The title of this article is “In the Hybrid Cloud, Your Role Matters, but…,” and there is a big “but” there. How you use your role is what really matters. Whether you are a cloud, virtualization, or container administrator, evangelist, or architect, how you use your role makes or breaks the secure hybrid cloud. We have written a lot about technology, but it’s the people who really make the technology a win for the business. It is the processes you develop that make the difference. It is the roles you entrench that can hurt your prospects. So, how do we eliminate the “but”?
Articles Tagged with Secure Hybrid Cloud
Nothing quite changes like IT. We have gone from incredibly manual, thought-requiring human processes to handling petabytes of data to make a single decision. In essence, our requirements have changed to meet our real-world needs, whether such change has been to improve performance, capacity, or other needs. Requirements rule the world of IT. Recently, we have seen an additional shift in requirements. TVP Strategy is currently looking at a small set of IT: data protection. Our approach has been to produce a coverage graph. The graph gives us a nice visual on how vendors’ products match up. But that is not all. We recently did some analysis comparing products over time as our coverage graph requirements have evolved. The results of these comparisons over time are very interesting.
This is the first of many comparisons and commentaries on data protection within the hybrid cloud. We are looking at the mechanisms used to achieve data protection. Mechanisms—how boring—yet from an architectural and data management view, mechanisms become increasingly important. The mechanisms available can impact the costs of your data protection. One example: it is often thought that data protection is instantaneous. It isn’t. It has a window of execution measured in hours, not microseconds. If you need microsecond data protection, you may need other tools to fill that need.
The first things to decide are what you need in the way of time to recover your application (recovery time objective, or RTO) as well as how much data loss you can stomach during recovery (recovery point objective, or RPO). RPO determines how often data protection should be used, while RTO governs how soon recovery will be completed once started. This pair of critical factors will control what mechanisms are important within your organization. Beyond those two, there are other, equally important mechanisms that influence the types of recovery mechanisms in use.
I recently had a number of consulting conversations about IT transformation and adding new Security as a Service products to companies’ existing clouds and tenancies. This is the beginning of IT transformation in many cases. A company has realized it needs to provide security to its tenants while using clouds more securely at the same time. This is a hybrid cloud. The company provides a cloud, yet uses tools from Box, Salesforce, Google, Microsoft, and the like. So, where do we start with IT transformation? With architecture that includes security.
I have written many times about hybrid cloud security, but there’s a fundamental security requirement that happens as you access the hybrid cloud. In our previous back to basics article we wrote about the need for situational awareness. We’re going to expand on that topic some more. The real success to hybrid cloud security is understanding how the users access the hybrid cloud: where they access it from, why they access it, and what is accessed or used. From a security standpoint, it starts with one organizational item: people.
We are curious about which cloud or clouds everyone uses, as the market is rather diverse, ranging from Amazon Web Services to clouds based on OpenStack, VMware vCloud, and community clouds that meet specific needs. Are you using multiple clouds, just one cloud, or no clouds? We’d like to hear your answers to these questions. We have our heads in the clouds, as we not only write about them here but also use clouds in our daily business. This will be the first in a series of polls in which we invite you to share your opinions by voting. We’ll share the results of these polls with you in return.