Repatriating Public Cloud Assets to Private Cloud

Cloud computing has been around for some time, but questions about security still linger – especially with reports of widespread data breaches. Cloud computing makes it relatively easy to procure the services you want, as long as you trust the service provider to do the heavy lifting. The prize of less complexity and less worry with the promise of fast and flexible data and applications is very enticing. However, this “trust” in the arrangement overlooks a very important risk—that of exposing data to hackers and thieves.

Public cloud uses what’s known as the shared-security model.  For example, Amazon’s part of the shared security is the infrastructure underlying the cloud service itself – it protects the hardware, software, networking, and facilities that generate the AWS cloud services. The enterprise customer is responsible for all the software running in the cloud instance, including encryption, operating system, firewall, platforms, and applications.  Because this can be overwhelming and is not always monitored as frequently as necessary, there is a growing trend of companies moving mission-critical data back to private data cloud solutions—known as data repatriation.  For more insights, here are 4 reasons to consider cloud repatriation.

1. Data Breach Frequency is Increasing

While the public cloud may seem like the simple choice for many enterprises, dealing with the fallout from a data breach is not. In fact, InfoSecurity Magazine recently reported that 2017 set some disturbing records: 

  • The most breaches and the most data compromised in a year—5,207 breaches—20 percent higher than record setting 2015. 
  • 7.8 billion records exposed—a 24.2 percent increase over 2016’s previous high of 6.3 billion.
  • Web breaches (accidentally exposing sensitive data to the Internet) took over the top spot at 69.2 percent, or 5.4 billion records.  

Many experts such as Josh Mayfield, Platform Specialist at FireMon, have noted the ease with which cyber criminals are getting familiar with accessing, storing and then downloading sensitive data residing in cloud storage repositories such as AWS’ S3. 

2. Cyber criminals are Getting More Creative

On Feb. 14 of this year the Buckhacker website was launched. It allows anyone to search for unsecured sensitive data in the AWS S3 cloud.  Amazon hasn’t yet commented, but in November 2017 they launched five new encryption and security features, so they’re aware of the potential for breaches.  If your own PC was infected by a virus or a warning popped up from a website you’ve clicked on, then you’re already familiar with the immediate reaction one has – dread, fear, and uncertainty. Now imagine getting a warning like those issued to companies such as Uber, Verizon, Alteryx, the WWE, US defense contractor Booz Allen Hamilton, and Dow Jones, as outlined in a recent BBC article: Exposed Amazon cloud storage clients get tip-off alerts.  

3. Security is Often Overlooked 

Why are so many records being exposed? The reasons include misconfigured settings, a lack of contact details to reach security or system admins when leaks are first noticed, mothballed projects that leave old data stores active and subject to hacking and forgotten development projects containing login info that can be used to gain access to other parts of customers’ networks. In addition, AWS S3 information bucket defaults are “public” access unless it’s changed to “private.” If these facts are making you nervous about exposing the corporate or customer data you’re currently storing in the cloud, then you should be seeking to augment your public cloud strategy with a secure private/hybrid solution.

4. Public Cloud Masks Security Complexity with IaaS Simplicity

With the skill of a magician using slight-of-hand to distract an audience during an illusion, public cloud companies have masked security complexity by wrapping it in the simplicity of IaaS. The reality is that storing data in the cloud is simple until it becomes public –  that’s when the risks to the business become real, exposing customer data, company Intellectual property, and private network information for hackers to use for financial, political, or monetary gain.  Consider the impact recent data breaches have had on the reputation of firms such as Equifax. It’s no wonder that a recent Enterprise Management Associates Study found that 35 percent of network managers view private cloud as a key priority.

So, what’s the bottom line? First, for data in the public cloud, make sure security policies are documented, followed and kept up to date. That includes any changes in personnel, abandoned projects and “rogue” IT efforts on the part of internal users.  Second, consider moving data to private cloud solutions as part of a hybrid cloud business model. If you’re including data repatriation as part of a hybrid cloud approach, then you need to be sure that you’re moving to a compatible architecture that offers the same benefits of scale, cost and operational simplicity while also ensuring your application portability to meet performance expectations.  ZeroStack’s Self-Driving Cloud platform is one such solution. 

The ZeroSstack Self-Driving Private Cloud Platform—Public Cloud Flexibility with Private Cloud Control & Security  

Cloud data repatriation on the ZeroStack Self-Driving Private Cloud can help alleviate your concerns about control, security and enable agile methodologies.

  • Web-managed cloud so you can control, manage and orchestrate all ZeroStack platform resources from a single pane of glass.
  • Automated operations which enables network, storage and compute resources to scale on demand to satisfy daily performance peaks and valleys.
  • Leveraging open-source software, removing the need for expensive proprietary licenses for virtualization so your operational costs are predictable
  • Fully integrated stack including software defined storage (SDS) and networking (SDN) for micro-segmentation and VM firewalling
  • Built in blueprints for containers and big data in the on board AppStore
  • Integrated with VMware and Public Cloud, your private cloud should not be an island

If you’re ready to Repatriate Public Cloud Assets to Private Cloud, ZeroStack’s Self-Driving Private Cloud might be the right fit for your organization. To learn more about the premium ZeroStack private cloud experience, visit us at ZeroStack.com.

Leave a Reply