Hybrid Cloud Means Hybrid Security Measures
I recently walked you through a check-list, on what CIOs need to know about hybrid cloud—the IT sweet spot that marries in-house and cloud-based infrastructure—and what it could mean to their organ…
Sourced through Scoop.it from: millennialceo.com
A hybrid cloud will open many new ways to attack your data. In fact, I would recommend taking a radical (for some) approach to the whole change; "zero trust".
We still need peripheral security, firewalls etc. to keep unwanted visitors out, but, we must realize that there is no such thing as a "private network" with trusted users, devices, servers and safe zones.
The "zero trust" approach supports both legacy systems and your new hybrid cloud solution. You must focus on protecting the actual data at rest and in transit, always encrypted.
Authentication has to be smart and adapting to situations, where transactions out of the ordinary sounds alarms as well as adds more factors to a multi-factor requirement. For instance, if you log on from a new place or at a time that you usually don’t, you should automatically be required to authenticate with for instance a pin code on your phone or some biometrics.
This might be a large step for your organization, but since you are redesigning your infrastructure the step is smaller now than later. Better now than after that big breach!