Clearing up the 4 common myths about hybrid cloud

By Brendan Paget, director of portfolio management in the APAC Office of Technology, Red Hat

Hybrid cloud is set to become a norm for enterprises. According to the Red Hat Global Customer Tech Outlook 2019, 30 percent of the organizations surveyed have a hybrid cloud strategy, and 45 percent of them are already using two or more cloud platforms. Offering the flexibility and speed needed to address changing business demands effectively, hybrid cloud can help enterprises gain business agility and better compete in the increasingly volatile business environment.

Hybrid cloud provides a mixture of public and private (i.e., on-premises or managed/hosted) cloud environments that are connected and managed by a single management solution. With hybrid cloud, enterprises can choose the type of cloud that best suits each workload, as well as move workloads across IT environments as necessary. For instance, a retailer can host its e-commerce website on a public cloud but process payments made on the site in a private cloud to better protect customer data and comply with regulations.

Even though hybrid cloud can help organizations to become more agile, some organizations are still hesitant to adopt it. Here are four common myths that hinder hybrid cloud adoption:

Myth 1: Hybrid cloud may cause organizations to lose visibility and control over their IT infrastructure

Since hybrid cloud is made up of more than one IT environment, it may be difficult for enterprises to have complete visibility of their entire IT infrastructure. The lack of visibility can make it challenging for organizations to monitor and control their environment for security and compliance, especially if this is conducted manually.

Organizations can counter this by ensuring that the foundation of their hybrid cloud provides predictive IT analytics capabilities. By leveraging tools that provide ongoing in-depth analysis of the IT infrastructure, organizations can proactively identify vulnerabilities that could threaten the security, performance, and stability of their hybrid cloud, so as to stay ahead of them.

Myth 2: Adopting hybrid cloud may lead to a security headache

Traditionally, IT security focuses on fortifying, maintaining, and policing the datacenter perimeter. However, perimeter security is less effective in securing hybrid cloud. The highly connected multiple cloud environments open more doors to attackers and can bypass traditional perimeter defenses. It can also be tedious to manually patch or configure systems from the mixed environments of hybrid cloud. 

Another challenge here is that the need for security policies and plans does not end when an application is retired. Coupling this with the increased role that large numbers of short-lived “immutable” application instances play in a hybrid cloud environment, manually monitoring for configuration drift and correcting it as needed is no longer an option.

However, these challenges can be mitigated with the right tools in place, including leveraging automation tools to protect IT infrastructure. With automated patching and remediation, critical security risks can be resolved in a controlled manner and without delays.

Myth 3: Organizations that embrace hybrid cloud will be more vulnerable to supply chain risks 

Just as the saying “a chain is only as strong as its weakest link” goes, an organization is only as secure as its weakest link. Since the hybrid cloud environment may include cloud platforms from multiple vendors, it can be challenging to ensure that all those solutions were built with security in mind and that the respective vendors will continue to update and patch them.

To address this concern, organizations should ensure that their hybrid cloud comes with a console that allows them to understand the IT risks they are facing, at a glance. It should list the critical issues prioritized by an overall risk assessment rating, and display the probability and potential impact of each issue to help companies focus on the issues that most impact risk reduction. It should also offer tailored resolution steps to help IT teams quickly and confidently address risks to avoid downtime.

Myth 4: Hybrid cloud will make it challenging to comply with regulations

Although most companies today are using cloud technology to a certain degree, those in highly regulated industries are still required to ensure that their distributed environments meet custom or regulatory security baselines for compliance and auditing requirements. Making changes to configurations manually can be a time-consuming, complex and error-prone process. Those changes may also go undetected, which may prevent the organization from passing a security audit.  

As such, companies should look to enhance their hybrid cloud with tools that can provide centralized visibility across the entire heterogeneous infrastructure. Tools that automatically scan the IT environment for non-compliant configurations and remediate them can help too.

Adopting hybrid cloud may seem like a daunting task as it can introduce additional risks and complexities. However, organizations can overcome those challenges by moving away from being reactive to issues to taking a more proactive and intelligent approach to infrastructure management.

One way of achieving this is by ensuring that the foundation of their hybrid cloud provides them with knowledge about their infrastructure to accurately predict potential issues and pinpoint existing technical risks. It should also offer tailored remediation steps along with automated resolution so that critical and configuration problems can be resolved quickly and before business operations are affected. With these capabilities, organizations can spend less time keeping the lights on, and instead sustain business success with hybrid cloud by developing and delivering innovation on a flexible and secure platform to meet business goals.