Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Public Cloud Security: What Customers Should Demand

Public Cloud Security: What Customers Should Demand

In our prior piece on public cloud security, we took a high-level look at the topic’s key issues. This time, we’re focusing on customer priorities. What should enterprises and even smaller organizations want from their public cloud providers?

By now, many IT professionals are aware of the differences between public and private clouds and the face that a third option, hybrid cloud, encompasses using both models simultaneously as needed. Unfortunately, though, there are no industry standards when it comes to cloud models. It’s never a foregone conclusion that one can quickly adapt from one cloud model -- or even one provider -- to another.

An increasing number of enterprises feel that this middle path is the "Holy Grail" -- a true hybrid cloud, where companies have a sizable chunk of highly utilized systems in their private cloud environment, but they have the ability to burst out to or retract from public clouds as workloads grow or shrink. This flexibility should be foremost during cloud strategy implementation. 

“If you design your whole cloud stack to run in a private cloud, then you might start to use hypervisor-based security or traditional firewalls, which you couldn’t take with you to a public cloud,” says Rand Wacker, vice president of products at Cloud Passage. “When you build your security and operations to only work in a private cloud environment, you’ll never be able to take advantage of that hybrid deployment, which is really what people want.”

Thus the first step on any road to a secure public cloud adoption should begin with the assumption that the public offering may well become part of a hybrid configuration. Given this, the private cloud side of the cloud infrastructure must be designed in a way that will assure maximum compatibility with future public services. Without this, organizations are likely to find themselves locked into functional yet proprietary offerings that may be cost-ineffective and unable to function securely when it comes time to scale out.

William Van Winkle has been a full-time tech writer and author since 1998. He specializes in a wide range of coverage areas, including unified communications, virtualization, Cloud Computing, storage solutions and more. William lives in Hillsboro, Oregon with his wife and 2.4 kids, and—when not scrambling to meet article deadlines—he enjoys reading, travel, and writing fiction.

See here for all of William's Tom's IT Pro articles.