Managing data protection, security and compliance in the hybrid cloud

While public cloud services have long promised organisations a huge range of benefits, fears around data protection, security, and compliance have always held some firms back. A recent report by 451 Research, commissioned by HPE, found that these three issues were the biggest factors when workloads were considered unsuitable for public cloud.

With the growth of hybrid cloud, the landscape is changing, as hybrid cloud offers organisations the best of the on-premise, private and public cloud worlds, and IDC has predicted that more than 70% of enterprises will have deployed unified hybrid and multi-cloud management technologies, tools and processes by 2022. This shift should answer many of the concerns firms still have around the cloud, but only when supported with the right platforms, tools and expertise.

For example, take three specific concerns that arise whenever hybrid cloud’s an option.

How do I maintain visibility and control in the hybrid cloud?

One of the key factors against public cloud is that there’s a loss of visibility and control. When you can’t see the whole environment, how can you manage and secure it? This doesn’t go away with hybrid cloud, where the mix of architectures adds to the complexity, but firms can meet the challenge through a mix of automation and centralised tools. With automation, organisations can integrate strong security across their clouds in a repeatable, verifiable manner. With centralized tools, it’s possible to handle security across architectures using consistent controls, while maintaining visibility throughout the whole estate.

How can I ensure that compliance and governance responsibilities are being met?

Manual approaches to governance and compliance barely worked on existing on-premise architectures; when checks involve such complexity and tiresome repetition, it’s all too easy for errors to creep in. Throw in the complexity of hybrid cloud, and lack of visibility is still a problem. That’s why organisations need to build in governance and compliance from the beginning and evaluate each component of the cloud platform as well as the whole. Most importantly, automating scanning and remediation reduces the risk of error and increases visibility – and the best centralized management tools will have appropriate controls built-in.

What does the hybrid cloud mean for data protection and security?

As data shifts between different platforms and areas of the hybrid cloud, it’s inevitably exposed to risks, while data protection issues can crop up where data moves, say, from services in one region to services in another. Education and training can address one of the biggest risks – human error – while encryption adds a crucial protective layer. However, organisations also need to be aware of shared responsibilities – where does the buck stop with the platform or service provide and where does it stop with you? – and have confidence that their vendors are on top of their security game.

With all these questions, HPE’s Greenlake hybrid cloud as-a-service offers both answers and practical solutions. Greenlake enables simplified provisioning and deployment of all the major cloud platforms, using automation to simplify operations and ensure a consistent approach.

Greenlake also provides management and security of every component in your hybrid cloud from a single tool – Greenlake Central – which makes it easy to implement appropriate security and compliance policies, including monitoring of over 150 compliance controls. The dashboard helps IT, security and compliance teams to identify and mitigate risks, while providing the datacentre to edge visibility to ensure that data sovereignty and ownership are respected, even as businesses make the most of public cloud environments and compute facilities at the edge.

To discover more benefits about HPE Greenlake, and how it can help optimise your hybrid cloud environment, click here to visit the HPE website.