Don’t Put All Your Eggs In One Cloud Basket

3 minute read

Posted by: DeepDotWeb

February 8, 2015

In 2013, the worldwide public cloud service market hit about $131 billion and is expected to grow by 62% to more than $160 billion by 2015, according to Gartner. Of those companies already using the cloud, between 80 and 87 percent are working in a multi-cloud environment. Private cloud-only deployments will soon be passé as the inevitable hybrid and/or multi-cloud strategies take root.

Businesses are revisiting their cloud deployment strategies and beginning to port workloads from cloud to cloud, no longer settling for vendor lock-in and a ‘one size fits all’ approach. Flexibility is inherent in multi-cloud strategies, providing businesses with an expanded ability to choose services based on preferences and requirements – such as which workloads run where – rather than according to what a single provider may be able to offer. By using resources and services from multiple cloud providers, businesses are spreading any risk of downtime or security vulnerabilities among those providers.

From the security perspective, having your infrastructure divided across multiple cloud providers reduces the risk that your operations will be disrupted due to attacks on a single cloud. The recent demise of Code Spaces due to an AWS security hack illustrates the possibilities and extreme dangers of malicious insiders in a single cloud. In the case of Code Spaces’ downfall, credentials were hacked and all their AWS database and instances were deleted, with no way to restore service.

It is crucial for businesses to be aware of and address security challenges in order to protect their cloud-based operations. Had Code Spaces had a physical backup on a separate infrastructure that was unaccessible from the primary control panel, and had they sought out other cloud alternatives in addition to AWS, such as GCE, Azure or SoftLayer, it would have reduced the chances that a hacker could have accessed all of the replicated instances at once.

However, even by reducing security risks in a multi-cloud deployment, cloud computing by its very nature presents a plethora of non-trivial challenges that are derived from the fact that the company’s cloud resources are located in shared public data centers and are accessible remotely over unsecured networks.

There is a broad misconception that must be dispelled which is that security provisions offered by cloud providers are good enough for companies to protect their organization. This is simply not true and it introduces an enormous weak link into the protection of data assets available in the cloud.

In a multi-cloud environment, sharing applications and services that process critical information can be a security risk. Further, if a business has not established proper security infrastructure safeguards, then their cloud deployment is susceptible to any number of malicious threats. Yet how can a business define and enforce security policies on different infrastructures that behave differently in terms of security? With the correct management and policies in place this danger can be reduced.

One of the primary reasons for an enterprise moving to the multi-cloud model is the reduced cost of doing business. Not being dependant on a single cloud provider offers increased opportunities for improved SLAs, competitive pricing, and streamlined resources. 2014 may arguably go down in history as the year of the cloud pricing wars. Because of this increased level of competition, the gaps in pricing and technology offerings have narrowed considerably.

Another upside for businesses working across multiple clouds is that they can better serve their clients from multiple geographic locations. Proximity to high-capacity Internet connections is more cost-effective, uses fewer resources, and delivers data to users in a fraction of the time.

When considering moving from a single cloud service provider to a multi-cloud provider model, businesses must assess a number of things, including:

  • software
  • platforms
  • infrastructure
  • security of each provider to select the right cloud mix

Considerations must be taken into account such as the overhead in adjusting your system to more than one cloud provider and the actual set-up of interconnecting multiple cloud providers to optimize deployment configurations.

Cloud-based security demands ongoing rigor and is never going to be a walk in the park. Yet, businesses cannot be paralyzed by the fear of the unknown. Fortunately a new wave of security vendors is surfacing with different methods to geo-fence data in multi-cloud provider environments addressing security needs ranging from simple to very complex. Leveraging the cloud is inevitable for the majority of businesses. By following sound best practices in security protection both on premise and in the cloud, companies can forge ahead with business as usual.

Article was contributed by FortyCloudSecurity as a Service. secures your AWS/Rackspace/Google public clouds by managing security end to end: firewall, VPN, servers and networking.

Updated: 2015-02-08