Active Directory|Hybrid Cloud|Microsoft Azure|Security

Hybrid Cloud Security Risks

Many businesses today have adopted the Hybrid Cloud to address a variety of different business solutions. According to Gartner, 50% of all organizations were using or planned to implement Hybrid Cloud solutions by the end of 2017. The Hybrid Cloud brings a number of benefits to the organization like pay-as-you go compute and storage capabilities, near unlimited scalability and global accessibility. However, unlike standard on-premise infrastructure security, the hybrid cloud has some unique security challenges. Let’s have a closer look at some of the main hybrid cloud security risks.

Securing connections between on-premise and the cloud

Unlike private LAN connections, most Hybrid Cloud connections are made across the Internet making them a potential security exposure. With the Hybrid Cloud, it’s important to secure the network connection and its endpoints. One of the best ways to do this is using VPN connections between your local network and the cloud.

Sponsored Content

Passwords Haven’t Disappeared Yet

123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?

Cross-platform authentication

The goal of identity authentication is to control access to systems, applications, data, and services. The Hybrid Cloud changes your organization’s authentication requirements. In a traditional data center, you might use a directory service like AD for authorization. However, Hybrid Cloud implementations require you to have both an authorization method for the cloud as well as your local resources. Technologies like Azure AD can provide authentication for the Hybrid Cloud. Azure AD is multi-tenant, cloud-based directory and identity management service. Azure AD can be integrated with your existing on-premise AD enabling you to leverage your existing AD to manage Hybrid Cloud access.

Securing cloud data

Controlling access to data that resides in the cloud is even more critical than securing local data. Local data is typically secured using physical security methods, firewalls and VLANs making access to the data difficult. However, cloud data is potentially accessible from any endpoint on the Internet. In addition to authentication, one of the best ways to be sure your cloud data is secured is by using encryption. Encryption provides data protection for data at-rest in the cloud. Encryption prevents unauthorized access to your cloud data stores by ensuring the data is encrypted when it is stored to disk. If an attacker were to attempt to access the encrypted data without access to the encryption keys, that data would be meaningless.

Transferring compliant data between the cloud and on-premise

One other important security consideration when you’re using the Hybrid Cloud is transferring data that must meet certain types of compliance standards between your on-premise systems and the Hybrid Cloud. If your business is in a regulated industry like healthcare or finance, you need to be sure that your data is compliant with industry-specific regulations whether it is in the cloud or on-premise. If you’re moving data between your on-premise infrastructure and the cloud, then you’ll need to ensure that your regulated data is not transferred from a compliant database on your own storage to a less secure storage location in the Hybrid Cloud. The same methods you use for your internal systems may not be applicable in a Hybrid Cloud environment.


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Michael Otey is president of TECA, a technical content production, consulting and software development company in Portland,
Don't leave your business open to attack! Come learn how to protect your AD in this FREE masterclass!REGISTER NOW - Thursday, December 2, 2021 @ 1 pm ET

Active Directory (AD) is leveraged by over 90% of enterprises worldwide as the authentication and authorization hub of their IT infrastructure—but its inherent complexity leaves it prone to misconfigurations that can allow attackers to slip into your network and wreak havoc. 

Join this session with Microsoft MVP and MCT Sander Berkouwer, who will explore:

  • Whether you should upgrade your domain controllers to Windows Server
    2019 and beyond
  • Achieving mission impossible: updating DCs within 48 hours
  • How to disable legacy protocols and outdated compatibility options in
    Active Directory

Sponsored by: