The value of continuity: Aligning security and control in a hybrid world
This post was authored by Bruce Cowper, Trusted Cloud Advisor, Microsoft Corp.
There are a variety of cloud models and strategies, from private and public to a hybrid combination of the two. But one thing is common among all of them: The need to carefully consider and manage security, privacy and compliance.
With the traditional perimeter of the datacenter becoming obsolete, identity management and access control have become the new firewall. And they must be implemented consistently across a hybrid mix of technology environments before risk and complexity can truly be mitigated.
Many organizations think they have to reinvent the ways they address security and access control when moving to the cloud. Others try to juggle two or more inherently disparate technology paradigms. But the cloud doesn’t have to be a departure from existing systems and processes. When the technologies are fully aligned, the cloud merely becomes an extension of the datacenter and the policies through which it is managed.
Few cloud providers can offer that sort of alignment. Many cloud services are tantamount to remote islands, with limited connections to on-premises systems and fundamentally dissimilar standards and controls. Others can only accommodate virtual machines and don’t work in concert with the physical foundations of an enterprise datacenter.
In stark contrast, Microsoft has always seen the value in a fully integrated, hybrid IT environment. One where the lines are blurred, and in many cases don’t exist, between physical, virtual and cloud resources.
Office 365 and Microsoft Dynamics CRM Online, for example, connect to the application layer in the same way—regardless of whether they are deployed in a datacenter or in the Microsoft Cloud. So does Active Directory, which supports thousands of pre-integrated SaaS applications for single sign-on and full user management.
Office 365 and Microsoft Azure, for example, can be used in Hybrid scenarios to allow for a combination of on-premises and cloud-based infrastructure. Active Directory can span across all the environments as well as support thousands of pre-integrated SaaS applications for single sign-on and full user management.
That sort of alignment enables data and applications to be secured, managed and accessed consistently. It helps reduce an organization’s risk and improve its compliance posture. And it eases the burden on IT teams who already have too much complexity and too many resources to manage.
When evaluating cloud providers and services, don’t be afraid to ask the hard questions about security and access control, and how they align with your existing systems and processes. Lean on compliance frameworks—like the new ISO/IEC 27018 standard for cloud privacy—to make sure prospective cloud environments can support your organization’s requirements and policies. And visit the Microsoft Trust Center to see how we integrate private, public and hybrid cloud offerings with the systems and applications already in your datacenter.
To learn more, visit the Trusted Cloud website.