Hybrid Clouds Not Secure?

Rich Mogull at Scurosis Blog (#13 at http://oversitesentry.com/security-news-reviewed/) has the latest post

https://securosis.com/blog/hybrid-clouds-an-ugly-reality

The problem? A Hybrid cloud is by definition part cloud and part local systems.  One can easily imagine administration problems as files and data have to bridge both environments.

richmogullatsecurosisblog

The disadvantage is the loss of compartmentalization, i.e. the ability to say the cloud systems are taken care of and separate from ours.

One of my old pictures on clouds:

Cloudsecurity

 

 

 

An aspect Rich does not mention is the log review capability may not be good enough on the cloud systems, since the inhouse IT staff may not have full access to the cloud systems.

 

 

The problem with security is that the weakest link is where all the problems occur, so if there are built-in weak links that is not good.

networktap

Not to mention all the firewall accommodations one has to do for the hybrid cloud setup.

 

 

Unless you have the additional resources, equipment, and expertise to review a Hybrid cloud it is likely best to stay away from a difficult configuration.

 

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.