10 ways to better operate in a hybrid cloud environment
Multiple industries, including healthcare, are moving toward adoption of hybrid cloud environments using a mix of on-premises, private and public cloud services, according to IBM in a new report.

“Few organizations have a solid understanding of how to secure hybrid cloud,” the company notes. Most employ an array of cloud services from several vendors, each with its own set of security controls, frameworks and products that increase the possibility of vendor lock-in. As a result, there are inherent risks and complexity in the hybrid model. In the report, IBM considers 10 essential security elements of a hybrid cloud.
Regulatory and compliance alignment
With compliance requirements still a valid justification for not migrating to the public cloud, finding and combining solutions that can help address those increasing obligations, as well as regulatory and legal oversight, is vital. Having a way to accomplish that can not only enable firms to manage compliance risk effectively but also help them elevate compliance as a valued business asset.
Standard security frameworks, detection capabilities and response controls
A security framework establishes fundamental standards, controls and governance for the organization in alignment with business strategies and goals. Having consensus throughout the organization on security protocols for implementing and using cloud helps enable safe collaboration across the enterprise while reducing the risk of non-compliance and regulatory sanctions.
Rigorous monitoring of regulatory changes
With new mandates continuously in the works for cyber security and data protection, healthcare organizations need a mechanism for proactively tracking these changes. Robust predictive analytics, such as those used by a controls database, are designed to help simplify and accelerate the discovery of regulatory changes and can deliver actionable insights for remediation. They can help reduce the compliance burden while creating a continuous state of preparedness and resilience.
Data protection and encryption
Databases, workloads and content must be protected from internal and external threats aimed at stealing critical data. Encryption helps offset concerns associated with relinquishing data control in the cloud because it limits the chance of a breach. Strong data protection should include file and folder encryption, encryption key lifecycle management, data loss prevention, vulnerability scanning, and discovery and monitoring for personal identity information.
Application security
Securing the organization’s cloud-based applications requires eliminating vulnerabilities before applications are placed into production. It enables secure application development and ongoing vulnerability assessment and management. Vulnerability analysis runs numerous test scenarios against applications to determine their threat risks. Good application security helps reduce the number of false positives and helps generate more accurate findings.
Visibility and intelligence
Healthcare institutions collect massive volumes of security data, but much of it is unstructured, making it all but invisible to traditional security watch systems. Cloud-based cognitive computing changes that, increasing visibility by enabling all kinds of captured log and event data to be analyzed and interpreted. It helps build security intelligence, using sophisticated analytics to identify risky behaviors, potential breaches and policy violations, and using machine-based reasoning and learning to continuously improve the speed and precision of threat detection and response. Cloud monitoring, alerting and event correlation are integral capabilities, as is the integration of cloud and non-cloud platforms for centralized visibility of security from a single console.
Access management
People, applications and devices must be able to connect to the cloud securely. Access management capabilities authenticate and manage identities and user privileges so only authorized users can enter the cloud infrastructure. Multi-factor authentication and enhanced security profiles improve the user experience by simplifying access to privileged resources and activities. Identity federation with single sign-on is also valuable, especially for healthcare acquisitions and mergers, because it allows for secure propagation of identities and trusted roaming across new domains.
Workload-centric capabilities
Because workloads can move between clouds, they need to carry their security with them. With workload-centric security, controls are built in and stay with each workload wherever it runs. Firewalls and load balancers are dynamically reconfigured to meet changing workload demands. Services are delivered to users at the right time and in the right location, according to established business policies and rules. Workload-centric security can benefit DevOps as well, enabling security controls to be more easily integrated into new applications. Every time a new workload is provisioned, security controls are already there.
Network security
Managed network security services help simplify network security by reducing the complexity that can come from managing different operating systems, network asset failures and remote access queries. These services, which typically include intrusion detection and prevention systems, protect networks from attacks with around-the-clock monitoring, threat analysis and incident escalation. They speed resolution of network security issues that could impede performance, uptime and stability. Software-defined network technologies and automation are increasingly being used with hybrid cloud to centralize security monitoring, management and inter-workload protection.
Cloud-agnostic managed security services
In a hybrid cloud environment with public and private clouds and traditional IT, managed security services have to be interoperable and work for all of them. Interoperability helps improve operational security and speed incident resolution while decreasing the costs associated with securing non-integrated legacy systems. It is critical that interoperability be effectively managed by policy-driven governance and leverage end-to-end monitoring. The full report from IBM is available here.