Issue link: http://cp.revolio.com/i/549869
12 | THE DATA CENTER JOURNAL www.datacenterjournal.com a s organizations navigate this journey to design and de- velop a business-optimized hybrid environment, they oen encounter myths that make them question whether a hybrid en- vironment is right for them. Here are some of the most common hybrid IT myths that companies encounter as they consider working with a managed-hosting provider and why they shouldn't be fooled: myth: "you can't Be secure in the hyBrid cloud." Although it's impossible to eliminate all risk in any situation, organizations can be secure in the hybrid cloud. In fact, cloud environments and their applications aren't that different from how brick and mortar stores are protected. Every brick and mortar store puts practices and procedures in place to pro- tect the customers, visitors, employees and revenue-generating items. ese practices include having unique IDs and passwords for cash registers, restricted access to certain rooms, locks and alarms to keep out unauthorized personnel, and sensors to let employees know when someone entered the store. Having these in place provide a defense-in-depth approach to enhance the security and protect customers, visitors and employees. When business functions are cloud- based, things shouldn't be that different. Using some of the same security prac- tices that brick and mortar businesses implement, cloud-based applications can provide a more secure experience for their users. Like a brick and mortar store, cloud environments can have locks, alarms, sensors and restricted areas. In cloud computing, a defense-in-depth approach can be achieved by enforcing dual-factor authentication with strong passwords; adding industry-leading security solutions to identify, monitor and report suspicious activity; and restricting access to critical systems to only those who need it for the betterment of the business. While it may be impossible to be fully protected from an attack, by restricting ac- cess to critical environments, implement- ing top-of-the-line cloud security tools, and enforcing dual-factor authentication to data centers and critical applications, a business's cloud environment and applica- tions will be more difficult for attackers to access. Any hybrid cloud is only as strong as its weakest link, so it's critical to apply these tools and principals to every compo- nent of your hybrid cloud. myth: "the hyBrid cloud is unreliaBle." In the always-on world of the Internet, an outage won't go unnoticed. A failed hard drive, a natural disaster, a DDoS attack, a bug in an app—it doesn't matter why. It all means the same thing: major headaches, business disruption and lost reputation, all while a very expensive meter is running. And yet it's the immedi- ate threats to a business that get the most attention, not the potential ones. at's a dangerous place to be. Cloud hosting providers take preparedness very seriously. Network reliability is truly the foundation of their business, just as much as (if not more than) the foundation of its customers' businesses. e distributed nature of cloud computing helps ensure a level of reliability that an ordinary company would be hard pressed to match. Highly available servers ready to fail over automatically if necessary, network redundancy, continuous security testing and monitoring—that's cloud com- puting at its best. Depending on the hybrid cloud, however, a failure in one component of the hybrid cloud could mean downtime for your application. at's why it's so im- portant to ensure that those redundancies are present in all corners of your hybrid cloud. e right cloud hosting provider will be there to help you design a hybrid cloud that meets your reliability needs and to provide 24/7/365 support. myth: "you can't get regulatory compliance in the hyBrid cloud." Maintaining compliance in the cloud is complex, yet necessary if your environ- ment contains cardholder data or personal health information (PHI). When it comes to the cloud, designing, implementing, managing and supporting the environment is already a full-time job. Unfortunately, another layer of complexity is added with the requirement to comply with HIPAA regulations or PCI compliance standards. With the right hosting provider, you can maintain regulatory compliance in the cloud. e key is to avoid these common pitfalls, which lead to companies failing compliance audits: • Designing a cloud environment without a proper focus on compliance A cloud environment must be designed carefully to ensure that the organization is properly applying the right security solutions to every piece of the environment that touches the cardholder data or PHI. If any piece of the design is missed or overlooked, it could not only result in fines from a failed audit, but could also cause a breach of security and cost the company more than just a few dollars (not to mention customer trust). A consultative design from trusted and experience cloud architects can help identify the security solutions that are unique to each business, its environments and compliance needs. •Something was missed in the migration Assuming the design was correct, another reason why a company may have failed its compliance audit has to do with the migration or implementation of the environment, where it is common for inexperienced resources to hit roadblocks that can stall or cause the cloud project to fail. Depending on timelines, the team may have created work-around tech- niques to bypass the roadblock temporar- ily. Unfortunately, these work-around techniques end up leaving out important pieces of the design. When the implemen- tation process deviates from the original cloud architecture, the odds of missing an important piece to the compliance puzzle can ultimately hurt the business. Teams ex- perienced in implementing cloud projects have encountered most roadblocks and can use their familiarity to resolve the issue while sticking to the design, thus providing a greater chance of success. •Not enough skilled individuals monitoring compliance standings Growing a business, managing its environment and maintaining cloud com- pliance for future and current business re-