The cloud dust has settled at last, and it’s become clear that a hybrid model makes the most sense for most companies. In other words, a blend of existing IT infrastructure and public cloud provides the flexibility, cost savings, performance, and scalability that organizations need to compete. The big question then becomes: How do you secure it?
No less than 90% of organizations will adopt hybrid infrastructure management capabilities by 2020, says Gartner. But while organizations may feel strongly that hybrid-cloud architectures are the right choice, concerns remain about data protection, security, and compliance.
Hybrid cloud: An offer organizations can’t refuse
A hybrid environment brings with it promises of choice and flexibility, allowing IT leaders to keep data in whichever environment that works best for that data—from both a compute and security perspective. And the opportunity to keep some types of sensitive or critical data—such as personally identifiable information (PII)—on premises while still embracing the enormous potential of private and public clouds is hard to turn down.
However, as with any change to an enterprise infrastructure, adopting a hybrid-cloud model means looking at the security practices already in place and how they may need to be adapted.
When done properly, a hybrid infrastructure should help improve an organization’s security posture. However, security must be a visible piece of your overall hybrid-cloud strategy, or you might be introducing new risks without taking the appropriate steps to mitigate them.
As enterprises consider migrating to a hybrid infrastructure to meet their IT needs, there are four primary security challenges they will need to overcome.
1. Visibility and control
As customers start to introduce infrastructure beyond physical machines and virtualization—for example, a mix of public clouds such as Azure, AWS, and Google with private clouds such as OpenStack—complexity and risk grow at an exponential rate. This makes it much more challenging for companies to clearly view and control all the distributed systems that make up the infrastructure. After all, if you can’t see your entire environment, how can you control or secure it?
This is especially true for administrators who are manually monitoring for security and compliance—not to mention manual patching and configuration management.
And it’s not just security that becomes compromised in this kind of scenario. Companies that don’t have good visibility into and control of their infrastructure are far less likely to be successful in their attempts to implement, say, self-service systems. And if no one is quite sure who made what configuration change when, there will be finger-pointing when things don’t go well—not exactly the kind of collaborative environment necessary for agile development and deployment.
To secure and ultimately reap rewards from hybrid cloud, companies should strive to automate anything and everything they can, implementing not only infrastructure as code, but security as code as well. In other words, avoid a manual process when you can build an automation. Automation will provide repeatability and the ability to share and verify, all of which will lead to making it easier to pass security audits.
It’s important to put some sort of tooling in place to provide centralized management and visibility across the entire heterogeneous infrastructure, but it’s also important that such tools are open. Otherwise, your organization is sure to hit a wall as your infrastructure inevitably changes but the management tools you are using don’t—or can’t. Using tools based on open standards will also make it easier to find people who know the tools and can work from repeatable, sharable features and processes.
2. Compliance and governance
For some time, organizations in highly regulated industries were nervous about cloud computing—to the point that they outright banned it or leveraged it only for noncritical or nonsensitive tasks and data.
Cloud technology has now matured to the point that organizations in all industries are using it at some level. That said, hybrid infrastructure does present special challenges for organizations in the healthcare, financial, government, and other regulated sectors.
One of the biggest challenges comes not from any one regulation, but from the fact that many companies are still manually checking to see that they are compliant and meeting custom or regulatory security baselines for security compliance and auditing requirements.
It’s a tedious, complex, and error-prone process to begin with, but it becomes even more so when dealing with a mix of heterogeneous systems in the cloud and on premises. When configuration changes are made manually, many times these changes may go undetected, so processes are not repeatable, sharable, and reproducible—all musts, if you are planning on passing a security audit.
Here, again, companies should be looking for a way to automate the scanning and remediation of security controls using open-source tooling. The goal is to provide crystal-clear visibility into tasks and allow for scalability of these tasks—from the container level to individual systems to the hybrid infrastructure as a whole.
3. Data security
Security is always challenging, but hybrid cloud ups the complexity—and the ante.
Across increasingly complex and expansive hybrid-cloud environments, data can be exposed to risk both in transit and at rest. No single protective implementation can prevent all possible methods of compromise, since the same information may be at rest and in motion at different points in time.
Protecting data at rest
Full-disk or partition encryption is one of the best ways of protecting your data at rest. You want to look for an operating system that supports full-disk encryption, such as the Linux Unified Key Setup-on-disk (LUKS) format. LUKS bulk-encrypts your hard drive partitions so that, while your computer is off, your data is protected.
For further protection, you should also use hardware encryption, such as a Trusted Platform Module (TPM), which is included in newer workstations and servers. This is a hardware chip on the computer’s motherboard for storing cryptographic keys. Once the TPM is enabled, it keeps the hard drives locked until an authorized user logs in. Even if an attacker steals the computer, he or she won’t be able to access the hard drive without the authentication credentials.
In a highly automated cloud environment, where workloads are ephemeral and you have little human intervention, you also want to avoid having to manually enter passwords into your encrypted drives. In Linux, this is solved with Network Bound Disk Encryption (NBDE). This allows the user to encrypt root volumes of hard drives on physical and virtual machines without requiring a manually entered password when systems are restarted.
For even further protection, TPM should be a part of the NBDE. This provides two layers of security for hybrid-cloud operations to help keep information on disks physically more secure: The network-based mechanism—NBDE—provides security across networked environments, while the TPM works on premises to add an additional layer, tying disks to specific physical systems.
Shielding data in motion
Data in motion is data that is being transmitted over a network. The biggest threats to data in motion are interception and alteration. Encrypting the network session ensures a higher security level for data in motion.
For example, use Internet Protocol Security (IPsec) to encrypt the communication between hosts that communicate using the Internet Protocol (IP). IPsec is an extension of IP designed to secure network communication through cryptography.
Another way customers can ensure data security protection in a hybrid-cloud environment is to look for solutions that implement standard protection measures. For example, look for products that support the Federal Information Processing Standard (FIPS) Publication 140-2, which is a US government computer security standard used to approve cryptographic modules for protecting sensitive data.
4. Supply chain security
It has become cliché to say that you are only as secure as your weakest link—but you really are only as secure as your weakest link. Across a hybrid-cloud environment, it can be difficult to see those links.
When evaluating and implementing infrastructure systems and platforms, it’s critical that companies know where the products and software that they are using came from, which means having confidence that the vendors they are working with know where their products came from and can ensure that their products were built securely.
It’s all about a secure and transparent supply chain.
For example, many developers are quick to download upstream code, but it’s important to ensure that it has gone through a secure software supply chain. Companies must perform both manual and automated inspection of the source code and establish strict guidelines about what to implement.
When building from source, it’s critical to understand the origins of the code—on its own and bundled as product. Look for code that’s been certified against internationally recognized security standards and has undergone extensive QA/QE testing. Also, seek providers that have a secure means of distributing software and specific processes in place for continuously providing updated fixes, especially fixes for critical security vulnerabilities.
It doesn’t have to be perfect
If all of this seems daunting, it is. There’s no such thing as perfect security, which is why organizations should focus on putting one foot in front of the other and look at security and compliance as a continuous process.
For example, automation is clearly necessary for ensuring the ongoing security of hybrid-cloud systems, but it would be difficult to automate everything all at once. Indeed, it shouldn’t happen overnight.
Prioritize, and focus on automating one thing at a time at each layer of the stack. That way, you’re more secure than you were yesterday while instilling better practices for a more secure tomorrow.