Hybrid cloud computing security: Real life tales

23.02.2011
For all the talk about public clouds versus private clouds, many organizations will likely end up with a mixed IT environment that includes both types of cloud as well as non-cloud systems and applications--at least for a next several years.

Security remains a concern for many CIOs, but if the business case supports it, companies are going to move all but the most sensitive and high-risk data to the cloud. Those executives that have started weaving together cloud and non-cloud environments say they've taken steps to ensure that security is an early consideration, have included security provisions in service-level agreements (SLAs) and contracts, and have worked to maintain compliance and secure integration.

Also read

Industry experts say that despite the well-publicized worries about security, the mixed IT environment will likely appeal to many organizations, particularly global enterprises.

"The hybrid cloud model makes a lot of sense in large organizations," says Janel Garvin, CEO of Evans Data, a market research firm in Santa Cruz, Calif. "As security concerns lessen, many might move more of their computing resources out to the cloud. But some may keep a hybrid model for years to come."

Outward-facing applications, such as collaboration, communications, customer-service and supply-chain tools, are excellent candidates for the cloud, Garvin says, while information such as financial and customer data is more likely to reside on-premise. "Most companies also feel that backup for storage and apps should still be kept internally, even if the data and apps reside in a cloud," she adds.