Everything you ever wanted to know about security policy management, and much more.
In my previous post, we looked at three trends which demonstrate that, despite the general industry expectation that organizations would eventually run ‘cloud only’ IT infrastructures, the hybrid cloud environment is here to stay.
This means that organizations will need to continue to maintain and manage robust security consistently across both their on-premise and cloud infrastructures. So how should organizations approach this task?
Network segmentation matters
The starting point is deciding whether the security and compliance requirements for a given business application are better served in the cloud, or in an on-premise environment. Your existing network segmentation scheme will provide useful initial guidance on this.If network segmentation is set up and managed correctly, the servers and applications that reside in the least segregated zones on your network may well be suitable for migration to the cloud.
In contrast, applications and servers in zones which are highly protected and reside behind multiple firewalls should remain in your own on-premise data center, so that they can be robustly secured.
Appraising your applications
Following an assessment of your network segmentation strategy, you should then review the functions that your business applications are actually performing, and the data that they process, to help determine whether they should be deployed on-premise or if they can be migrated to the cloud. There are three main areas that should be reviewed:
Bringing clarity to your hybrid environment
As hybrid cloud environments will be here for the foreseeable future, the complexity of ensuring that security is maintained throughout and following the application migration will remain challenging. However, by identifying from the outset which applications are best suited for cloud deployments, and which should remain on-premise, you will be able to bring more clarity to your cloud security strategies – and improve your security posture in the process.
Receive notifications of new posts by email.