In the Security Issues in the Hybrid Cloud document that our team published in 2011 we stated that “when securing a hybrid cloud system, you should consider all of the factors for both the public and private cloud.” While this statement is still true, the approach to securing a hybrid environment is not necessarily the same as the one you take when planning your private cloud security. In a hybrid cloud scenario you can still leverage the major considerations for private cloud security, combined with the public cloud security considerations. On top of that, however, you need to address the different threat landscape introduced by this mixed environment: two trust boundaries, a tunnel between them, and clients that reach resources on both sides. One way to tackle these concerns in a hybrid cloud scenario is by leveraging an old but still relevant security concept called defense in depth.
This article presents a simple network diagram for a hybrid cloud environment and maps some of the key areas that should be addressed by leveraging a defense in depth approach to enhance the overall security of this solution.
In order to enumerate the core layers of a hybrid cloud scenario, we will be using the diagram below:
The areas mapped on this diagram reflect the core components of a hybrid cloud scenario. Each core area must be expanded in order to identify the threats and vulnerabilities that apply to it. The numbers on the diagram do not reflect any priority order; they only organize the six major components, which are covered in the sections that follow.
Remote clients are also known as endpoints or mobile computers. They will have access to resources located in both places: the public cloud and on-premises. Sometimes the path for accessing cloud resources must be forced through on-premises connectivity. Depending on how the company wants to enforce its security policy, it might decide to have the endpoint connect to a VPN server (on-premises) and pass through a series of security validations before being allowed access to resources (on-premises and in the public cloud). There are many design options to consider when planning endpoint protection in a hybrid IT scenario. However, for the subject of defense in depth for your remote clients, the main recommendation is compliance with minimum security requirements, as shown below:
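The "series of security validations" mentioned above is usually a posture check the endpoint must pass before the VPN entry point grants it access. The script below is an added example, not code from the original post and not the post's own requirement list: it evaluates a Windows client against a small set of assumed minimum requirements (host firewall on every profile, antimalware with fresh definitions, BitLocker on the system drive, a recent patch) and returns a non-zero exit code if any check fails. The thresholds in `$Requirements` are illustrative assumptions; it assumes Windows 8 / Server 2012 or later with the NetSecurity, Defender and BitLocker modules, run from an elevated PowerShell session.

```powershell
<#
  Added example, not code from the original post: a posture check that a VPN
  entry point can require a remote client to pass before it is granted access
  to on-premises or cloud resources. The thresholds below are assumed values
  for illustration. Assumes Windows 8 / Server 2012 or later with the
  NetSecurity, Defender and BitLocker modules, run elevated.
#>

# Assumed minimum requirements; adjust to your own policy.
$Requirements = @{
    MaxDaysSinceLastPatch = 30   # newest installed hotfix must be no older than this
    MaxSignatureAgeDays   = 3    # antimalware definitions must be no older than this
}

$results = New-Object System.Collections.Generic.List[object]

function Add-Check {
    param([string]$Name, [bool]$Passed, [string]$Detail)
    $results.Add([pscustomobject]@{ Check = $Name; Passed = $Passed; Detail = $Detail })
}

# 1. Host firewall enabled on every profile (Domain, Private, Public)
try {
    $disabled = @(Get-NetFirewallProfile | Where-Object { -not $_.Enabled } | ForEach-Object { $_.Name })
    $detail = if ($disabled.Count -gt 0) { "Disabled: $($disabled -join ', ')" } else { 'All profiles enabled' }
    Add-Check 'Firewall enabled on all profiles' ($disabled.Count -eq 0) $detail
} catch {
    Add-Check 'Firewall enabled on all profiles' $false "Could not query: $($_.Exception.Message)"
}

# 2. Antimalware running, real-time protection on, definitions fresh
try {
    $mp = Get-MpComputerStatus
    $ok = ([bool]$mp.AntivirusEnabled -and [bool]$mp.RealTimeProtectionEnabled -and
           ([int]$mp.AntivirusSignatureAge -le $Requirements.MaxSignatureAgeDays))
    $detail = "Enabled=$($mp.AntivirusEnabled) RealTime=$($mp.RealTimeProtectionEnabled) SignatureAgeDays=$($mp.AntivirusSignatureAge)"
    Add-Check 'Antimalware active and up to date' $ok $detail
} catch {
    Add-Check 'Antimalware active and up to date' $false "Could not query: $($_.Exception.Message)"
}

# 3. System drive protected by BitLocker (a lost laptop must not leak cached data)
try {
    $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
    Add-Check 'System drive encrypted' ($vol.ProtectionStatus -eq 'On') "ProtectionStatus=$($vol.ProtectionStatus) VolumeStatus=$($vol.VolumeStatus)"
} catch {
    Add-Check 'System drive encrypted' $false "Could not query: $($_.Exception.Message)"
}

# 4. Patched recently: the newest installed hotfix falls inside the allowed window
try {
    $latest = Get-HotFix | Where-Object { $_.InstalledOn } | Sort-Object InstalledOn -Descending | Select-Object -First 1
    $age = if ($latest) { (New-TimeSpan -Start $latest.InstalledOn -End (Get-Date)).Days } else { [int]::MaxValue }
    $detail = if ($latest) { "$($latest.HotFixID) installed $age day(s) ago" } else { 'No hotfix install dates found' }
    Add-Check 'Patched within window' ($age -le $Requirements.MaxDaysSinceLastPatch) $detail
} catch {
    Add-Check 'Patched within window' $false "Could not query: $($_.Exception.Message)"
}

# Report, then signal the verdict. Every check must pass: a single failed
# layer is a failed posture, there is no partial credit.
$results | Format-Table -AutoSize
$failed = @($results | Where-Object { -not $_.Passed })
if ($failed.Count -gt 0) {
    Write-Warning "Endpoint is NOT compliant: $($failed.Count) check(s) failed. Deny access until remediated."
    exit 1
}
Write-Output 'Endpoint meets the minimum security requirements.'
exit 0
```

Each check is wrapped in its own try/catch and a query failure counts as a failed check rather than a pass, so an endpoint that has uninstalled the Defender or BitLocker module does not slip through. The exit code is the only thing the VPN gate needs; the table is for the user who has to remediate.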
When evaluating which cloud provider will host your applications, you must be diligent about understanding their security strategy, which includes understanding their:
These are only some of the elements that you must be aware of while selecting your cloud provider. Microsoft offers a CIO's Guide to Negotiating Cloud Contracts that can also help with this selection.
From the defense in depth perspective, what can you do to enhance overall security by adding multiple layers of protection? In a hybrid scenario, and mainly if you are using IaaS (Infrastructure as a Service), chances are that you (in the role of the customer) will maintain the servers on the cloud provider's platform; therefore you are responsible for keeping these servers secure. The provider secures the facility and the virtualization layer, but the guest operating system, its patches, its host firewall and the accounts that can log on to it remain yours. Some recommendations are:
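A concrete way to exercise that responsibility is to audit what a cloud-hosted server actually exposes and compare it with what it is supposed to expose. The script below is an added example, not code from the original post and not its recommendation list: it lists every non-loopback listening TCP port with its owning process, the members of the local Administrators group, and any enabled inbound Remote Desktop firewall rule whose remote scope is "Any", and flags every deviation from an expected baseline. The baseline values (`$ExpectedPorts`, `$ExpectedAdmins`, the domain name CONTOSO) are assumptions for illustration; it assumes Windows Server 2012 or later with PowerShell 5.1, run elevated.

```powershell
<#
  Added example, not code from the original post: an attack-surface audit for
  a server you run on an IaaS provider. Flags listeners, local administrators
  and RDP exposure that deviate from an expected baseline. The baseline values
  are assumptions for illustration. Assumes Windows Server 2012 or later with
  PowerShell 5.1 (Get-NetTCPConnection, Get-LocalGroupMember), run elevated.
#>

# Assumed baseline: the only services this server should expose and the only
# principals that should hold local administrator rights (CONTOSO is a placeholder).
$ExpectedPorts  = @(443, 3389)
$ExpectedAdmins = @("$env:COMPUTERNAME\Administrator", 'CONTOSO\ServerAdmins')

$findings = New-Object System.Collections.Generic.List[string]

# 1. Listening TCP sockets that are not part of the baseline
$listeners = Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalAddress -notin @('127.0.0.1', '::1') } |
    Select-Object LocalAddress, LocalPort, OwningProcess -Unique

foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    $owner = if ($proc) { $proc.ProcessName } else { "pid $($l.OwningProcess)" }
    if ($l.LocalPort -notin $ExpectedPorts) {
        $findings.Add("Unexpected listener $($l.LocalAddress):$($l.LocalPort) owned by $owner; stop the service or block the port")
    }
}

# 2. Local Administrators membership outside the baseline (drift from the hardening build)
$admins = Get-LocalGroupMember -Group 'Administrators' | ForEach-Object { $_.Name }
foreach ($a in $admins) {
    if ($a -notin $ExpectedAdmins) {
        $findings.Add("Unexpected local administrator: $a")
    }
}

# 3. RDP reachable from any source address: an enabled inbound Remote Desktop rule
#    with remote scope 'Any' means the management port is exposed to the whole internet
#    on a cloud VM rather than only to the VPN range or management subnet.
$rdpRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True -Direction Inbound -ErrorAction SilentlyContinue
foreach ($r in $rdpRules) {
    $scope = ($r | Get-NetFirewallAddressFilter).RemoteAddress
    if ($scope -contains 'Any') {
        $findings.Add("RDP rule '$($r.DisplayName)' accepts connections from any remote address; restrict it to the VPN or management range")
    }
}

# Report: a clean run returns 0, deviations return 1 so a scheduled job can alert on it
if ($findings.Count -eq 0) {
    Write-Output 'No deviations from the expected baseline.'
    exit 0
}
$findings | ForEach-Object { Write-Warning $_ }
exit 1
```

Run it from a scheduled task after every deployment or patch window and treat a non-zero exit as a ticket. The port check tells you what is listening, not who can reach it; that is why the third check looks at the firewall scope as well, since on a cloud VM the host firewall may be the only layer between a management port and the internet.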
In a hybrid scenario edge protection becomes even more important, because some solutions will require a site-to-site tunnel between on-premises and the cloud provider. Some gateways have VPN capability built in and allow you to control your edge protection in a unified solution; the tunnel endpoint then sits behind the same inspection and filtering as the rest of your edge rather than bypassing it. When planning edge protection for a defense in depth approach to hybrid cloud, make sure that:
If you think that this is an area where security is less important than the others because you trust everything that is on-premises (since you have full control), you are wrong. The level of security on-premises should be the same as, or even higher than, the others. Internal threats are still a reality, and social engineering of insiders is a growing threat. Applying defense in depth to on-premises resources is probably the broadest area, since you (the customer) have full control over all processes and procedures, from the hiring process to the operational process. Ensure that you are tackling this subject not only from the server perspective; all layers must be covered, from the development lifecycle of the internal applications, through network protection, workstations and servers, to general policies and practices.
As you can see in this post, there are many areas where you can add multiple barriers to enhance the overall security of your hybrid cloud. Defense in depth is all about adding multiple barriers in order to mitigate potential breaches and reduce the likelihood that an attack will succeed: when one layer fails, the next one still has to be defeated.
While this post does not aim to be the ultimate answer for hybrid cloud security, it aims to suggest a set of security best practices that can be used while planning the security strategy for a hybrid cloud. There are many other aspects that must be covered, and we have an article on the TechNet Wiki called Security Issues in the Hybrid Cloud that you can edit and enhance with other considerations in this area.
See you next time!
Yuri Diogenes SCD iX Solutions Group