The features required for compliance and security in a hybrid cloud

With employees already using the cloud for productivity and many business apps such as Salesforce or QuickBooks based in the cloud, it's no surprise that many businesses are embracing the cloud. But embracing the cloud doesn't mean abandoning the private data centre.

We are seeing traditional IT transform to Hybrid IT and with that comes certain complexities, namely compliance, security and authentication. So what features are required from a hybrid cloud solution to ensure your organisation is compliant and protected?

The transformation from traditional IT to Hybrid IT is well on the way and it's not hard to see why. Mobile devices are growing about five times faster than the human population according to the GSMA, which means most people are now used to being able to access information from anywhere and at any time. The increasing expectation of BYOD in the workplace means that people are also used to accessing information from any device.

These real-life expectations have now crossed over to the enterprise world, and most employees are allowed, and some even encouraged, to bring their own device and work from apps in the cloud from SaaS vendors such as GoogleMail, Office365 and Dropbox. The beauty of Hybrid IT is that it allows the business world to connect all of these new technology applications in the cloud to their existing, legacy IT systems. The changing attitudes to technology also mean that employees can enjoy much greater flexibility in terms of remote working while maintaining or improving productivity, which benefits the business. In addition, using the cloud can also help businesses in terms of the cost savings from using operational rather than capital expenditure.

But with this proliferation of mobile devices and applications, and a distributed workforce, come security challenges for today's IT security teams and the Chief Information Security Officers (CISOs) who lead the transformation to Hybrid IT. In order to ensure that Hybrid IT is safe and secure, CISOs need to meet all the challenges that it poses. They must authenticate user and device identity and, through cutting-edge identity management tools and solutions, provide a safe tunnel by which applications in the cloud and on their own premises may be accessed and utilised securely.

But as enterprises adapt their compliance, authorisation and access security solutions to provide this multi-layered protection, this must be done without making applications and information cumbersome to the user. If users find solutions difficult to use, productivity will fall and you have the added security issue of workers trying to find workarounds in order to avoid the difficulty on an ongoing basis.

Some of the features that businesses need to look out for, which combine to make hybrid cloud solutions a success, include:

Single Sign-on (SSO)

How easy it is for employees to use a system is a key element of whether that system will be a success. The ability to eliminate the need for multiple passwords and provide automatic access to applications and services that employees require to be productive is an important pre-requisite for introducing any new technology, but particularly when it comes to security and passwords in today's multi-device environment. With the right kind of solution, workers never have to care about where their apps are coming from. It just works.

Centralised Management

The ability to control everything in one place will be high on the agenda of the IT security team in terms of ease-of-use, reporting and resource management. A platform that enables centralised management of policy, compliance and authorisation for SaaS, cloud and data centre access is therefore a primary feature required for successfully deploying a hybrid IT solution.

Secure Access

Securing the pathways between devices and data involves securing the tunnel between them. For this to be effective, the IT team needs to focus on both allowing secure access as well as making sure the tunnel is protected and controlled.

This can be achieved by using existing Secure Sockets Layer Virtual Private Network (SSL VPN) gateways to access the data centre while also relying on a Cloud Access Security Broker (CASB) to ensure a secure pathway between users and the cloud. Combining user authentication and device compliance will protect the integrity of the enterprise data and the security of the tunnel itself.

Identity Management

Identity management is a huge factor in ensuring the security of the huge variety of devices coming onto the network. A flexible solution that can serve as a SAML Identity Provider (IdP) and as a SAML Service Provider (SP) to enable easy integration with third-party identity management providers is essential to secure the organisation now and in the future.

Compliance for the Cloud

Industry compliance is one of the primary concerns for organisations embracing the cloud, but it can be achieved by host-checking capabilities that assess the status and health of the user’s devices. This involves verifying compliance of laptops, iOS and Android devices to ensure that only authorised users with trusted devices have cloud and data centre access.

For workers to be able to utilise BYOD securely for work and their personal lives, a device container is required. This container allows mobile workers to store apps and data in a secure container under enterprise control and eliminates the need for the enterprise to manage the entire device, so it has the added advantage of protecting workers' privacy.

Scalable Connectivity

Every organisation now needs the ability to scale up or down, so choosing a solution that won't hamper those business needs is key in today's environment. In terms of a hybrid cloud feature, a solution that eliminates data centre hair-pinning by only sending authorisation and compliance checks to one system and sending application data directly to the cloud will help with scalable connectivity specifically.

Legacy app support

Unless you're a very new company, you will have legacy applications, so it's important to consider how you can integrate these with any new solutions. Features that support Kerberos Constrained Delegation and NT LAN Manager will allow you to seamlessly connect to legacy applications in the data centre.

Ability to integrate

Security, in almost every scenario, is about layers or stacks, so when choosing a hybrid or cloud solution, making sure it can integrate with other vendors' solutions will save a lot of pain in the long term. In particular, cloud solutions that integrate with leading EMM solutions are especially relevant and helpful in today's BYOD-focused environment.

The benefits of using the cloud and moving towards a hybrid IT infrastructure are clear in terms of improved productivity, happier workers using applications and devices that they're already familiar with, and cost savings. But as with any technology move, there are security challenges, and moving towards this new infrastructure securely takes time and consideration.

To get it right, organisations need to look for the solution or range of solutions that provide the right features that enable them to achieve their business needs while ensuring devices can be securely authenticated, information can be accessed quickly and easily and that the organisation is compliant with all regulations.

Adam Jaques, Senior Director of Worldwide Marketing at Pulse Secure