Understanding Public Cloud Security
Understanding Public Cloud Security
Public Cloud, Hybrid Cloud and Multi-Tenancy Insights
Public cloud security is often misunderstood. Did you know that public cloud solutions can be as secure as on-premises ‘private’ clouds and hybrid cloud solutions?
In fact, successful security is down to your operational (ops) team’s expertise. It depends on how they design and implement security in your public cloud or hybrid cloud solutions, as well as having robust change management governance.
It’s your ops team’s knowledge and approach that makes all the difference to your cyber security; rather than whether it is a public, a private (on-premises), or a hybrid cloud solution.
The good news is that the design, implementation, and change management of public cloud security is in your control, if you know what you’re doing.
Erik Delorey, CX Leader at Miratech explains more about understanding public cloud security.
The Cloud Technology Landscape
Firstly, here’s a quick overview of the current cloud technology landscape. There are three types of cloud platform:
- A private cloud, as the name suggests, is a cloud infrastructure for the exclusive use of a single organization. It is owned and operated by either that organization or a third-party vendor on behalf of the organization, or a mix of both. It could be on-premises or housed in colocation, like Equinix.
- A public cloud is not as the name suggests. It is a cloud infrastructure that can be accessed by multiple different organizations. But this does not mean it is a publicly open space. Each organization can make its public cloud as secure as a private cloud by implementing the security it needs within its architecture.
- A hybrid platform seeks to leverage the best of both worlds. It will have at least one private and one public cloud, with the private cloud applications and data tending to be there to meet perceived security and efficiency requirements. Note: Multi-cloud solutions refer to two or more cloud solutions, whether public or private, but they are not necessarily hybrid.
The Reasons for Increasing Public Cloud Adoption
Right now, organizations from multiple sectors and geographies are showing an increasing preference for public cloud platforms. According to the Enterprise Strategy Group (ESG) this trend is predicted to accelerate further in 2023.
Public cloud eliminates the need upfront capital expenditure, as well as being extremely very agile. It enables an organization to spin resources up or down very quickly. Plus, it removes some of the operational burden for Life Cycle Management (LCM) on hardware and Operating System (OS) patches etc.
Also, this reduces business reliance on recruiting and retaining in-demand IT resources. Skillsets to maintain bespoke private cloud or hybrid infrastructures, which we already know are in short supply. And although a public cloud platform may limit the selection of where your information is hosted, you can still secure it and control access to it just as well as if you owned the facilities.
As well as offering a consumption-based model, which is preferential in economically challenging times, there are other additional advantages to consider with public cloud platforms. Because the reliability and recovery of systems are mostly managed by the provider, it facilitates the ability to focus your energies on engineering business value into the application or service you are building on the platform.
Building solutions on top of on-demand computer and storage resources gives you more ability to respond to market demand. Meaning you don’t need to overinvest in infrastructure that, in many cases, sits idle for large periods of time.
Public Cloud Security and Allaying Multi-Tenancy Fears
Importantly, Enterprise Strategy Group research also indicates that cyber security remains the highest priority for business technology decision makers. And these decision makers are actively transitioning to public cloud and next generation hybrid solutions.
This suggests that more enterprises now understand how to ensure consistent and correct security policies within public clouds.
But, given the lack of available skilled security resources, some organizations may be reluctant to transition. However, the process can be accelerated with the support from technology experts, like Miratech, that have the capability to design and build a secure architecture to benefit from the public cloud.
For example, within your architecture you’d be looking to include security techniques such as:
- Whitelisting – a security list that only provides access to pre-approved programs, specific Internet Protocol (IP) addresses and email addresses, etc.
- API gateways that limit the number of requests in a specified period and only respond to authenticated requests from specific registered endpoints
- Multi-Factor Authentication (MFA)
- Zero trust verification, which might also require network segmentation and Zero Trust Network Access (ZTNA)
- Hardware Security Modules (HSM) and Key Vaults combined with key rotation policies.
And much more.
All this means that multi-tenancy is less of a concern than people make it out to be. All the precautions you take within your own organization to apply security policies and roles-based privileges can be applied in a multi-tenant cloud platform. With a well-designed security architecture in place, other tenants on the same cloud can’t access your applications and your data. This is because real-world best practices still prevail.
Imagine you’re a tenant in an apartment building or campus. You have your own unique keys to keep your apartment secure and private. You wouldn’t leave the building with your door wide open. Similarly, this is the case for your applications and your data on a secure public cloud platform.
Cloud platform database solutions offer built in specialized encryption and while they are “SQL friendly”, they are not structured like the relational databases of the past. These column-based ‘shared-nothing’ architectures have been proven with a decade or more exposure to public scrutiny.
Understanding Your Cloud Options
In summary, understanding public cloud security can unlock more agility and potential operational efficiencies for your organization.
Taking advantage of public cloud benefits is already being reflected in changes to vendor strategies. A recent example within leading CX technology is the confirmation from Genesys that it would focus future investment solely on Genesys Cloud CX™ – a public cloud product. With several financial services, investment and healthcare firms already running on the platform it has proven that a well architected solution can be both public and secure simultaneously.
With Miratech you can be more responsive and take advantage of next generation consumption-based cloud architecture, without compromising cyber-security.
Book a call today to benefit from our global track record of successful delivery and award-winning expertise. We’ll help you navigate the cloud and accelerate your adoption of secure public cloud and hybrid cloud solutions.
Learn more firstname.lastname@example.org