Brian Jackson - Fotolia
I've seen some predictions that more enterprises will implement hybrid cloud data storage paradigms where data is stored in an enterprise's data center while used in tandem with public cloud software as a service (SaaS) applications. What are the security benefits of this model, and do they outweigh cloud storage security issues such as potential cost, performance and management drawbacks?
Hybrid cloud storage strategies leverage the cost and scalability of cloud storage for some data while allowing enterprises to maintain more control over their most sensitive data.
The general approach is to use a cloud provider to store public or less sensitive data, while keeping private and confidential data on-premises. This approach is coupled with SaaS services, such as analytics or marketing services, which can access data from a cloud provider using the provider's data access API.
To avoid hybrid cloud storage security issues, IT managers will need to establish appropriate authorization controls with regards to reading and writing data in cloud storage systems. There are more challenges with regards to accessing on-premises data from a SaaS. The organization and its SaaS provider may need to create data transfer methods from on-premises storage to the SaaS. It will also need to determine network policies and access controls that will apply to the SaaS vendor.
Some enterprises may be more comfortable creating data sets specifically designed for the SaaS provider, and even generating those on a regular basis, (e.g., nightly). Data sets can then be transferred using secure file transfer methods rather than providing users with direct access to enterprise database and applications. It is important to note that there are performance and latency trade-offs with file transfers versus direct API access to data. As a matter of fact, direct access from APIs may be slower depending on network and application latency. By batch-uploading data to a SaaS, you eliminate SaaS-to-on-premises latency, but you do introduce a time lag between the time at which data was generated and the time it is available in the SaaS.
While implementing hybrid cloud storage holds many promises, consider the potential hurdles that can derail your plans, including cost, performance and timeliness that can derail your plans. Enterprises must carefully consider these hurdles before jumping in feet first.
Ask the Expert!
SearchCloudSecurity expert Dan Sullivan is ready to answer your application security questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Hybrid and Private Cloud Computing Security
Related Q&A from Dan Sullivan
Docker's recent upgrade introduced support for hardware signing and in the future, automated security analysis on Docker images. Expert Dan Sullivan ... Continue Reading
Cisco's new project Contiv automates operational policies for containerized applications in the cloud. Expert Dan Sullivan explains the benefits of ... Continue Reading
Dropbox API abused by attackers posing as legitimate users in a huge spear phishing campaign. Expert Dan Sullivan explains how to mitigate the risks ... Continue Reading