Understanding Common Risks in Hybrid Clouds
ZOU Feng, Co-Chair, Hybrid Cloud Security WG & Director of Cloud Security Planning and Compliance, Huawei
Narudom ROONGSIRIWONG, Co-Chair, Hybrid Cloud Security WG & SVP and Head of IT Security, Kiatnakin Bank
GENG Tao, Senior Engineer of Cloud Security Planning and Compliance, Huawei
Hybrid clouds offer organizations with the best of both private and public cloud worlds, bringing the promises of flexibility, agility, cost efficiency, performance and choice.
Some organizations tap into hybrid cloud to keep sensitive or critical data on-premise while enjoying the immense scalability that public clouds accord. Others view it as an effective way to embrace the benefits of the public cloud without disrupting core legacy services. Thus, it is not surprising that hybrid is often the architecture of chice for organizations in their cloud journeys. IDC reported that in 2019, 52% of enterprises already have hybrid cloud infrastructures in place, while Gartner forecasts that by this year, 90% of organizations will adopt hybrid cloud infrastructure management capabilities and services.
While hybrid cloud has many benefits, interconnecting two or more disparate cloud infrastructures will undoubtedly increase:
- Complexities in terms of risks (e.g. larger attack surface)
- The challenge to consistently apply and maintain cloud security and compliance controls
- The challenge of delivering consistent service levels
The Hybrid Cloud Security Working Group recently released the ‘Hybrid Cloud and its Associated Risks’ paper, elaborating on the common risks, threats and vulnerabilities that should be understood when adopting hybrid cloud, some of which are briefly mentioned in the following:
- Data leakage. The private and public clouds in a hybrid setup are usually connected through the open internet. As such, there is a risk of data leakage due to human errors, compromised endpoints (e.g., lost smartphones), man-in-the-middle attacks, etc. Data leakage could also occur if APIs for cloud management are not properly implemented and secured.
- Compliance risks. Achieving and maintaining consistent compliance is a huge challenge in hybrid clouds. Because data flows between the public and private cloud components, it increases the difficulty of maintaining and complying with governance frameworks across disparate infrastructures, especially when they are provisioned by multiple service providers whose compliance capabilities are different.
- Gaps in security controls. There could be misalignments or inconsistencies in security controls implemented across hybrid cloud setups. Often, public clouds are held to and have a higher level of security control maturity than private clouds. For example, some private cloud infrastructures may not be as conscientiously patched to the same levels as public clouds.
- Misaligned service level agreements (SLAs). Private clouds may have SLAs that are not as clear/stringent as those imposed when using public clouds. Different CSPs could also provide SLAs that might be different. It can then be challenging to align varying SLAs to deliver an overarching end-to-end service-oriented SLA for end users.
- Comprehensiveness of security risk assessment. Risk assessment is a challenge when evaluating hybrid cloud setups. It may be conducted separately for the private and public clouds rather than evaluated comprehensively as a whole. As such, maintaining a consistent compliance posture or obtaining an overall compliance picture of the hybrid cloud can be difficult.
- Poor / no encryption. While the clouds in a hybrid architecture are usually subjected to regular data protection risks on an individual basis, the hybrid cloud as a whole faces higher risks due to the transit of data from one cloud environment to another. It is at the interconnection interfaces and pipes that data is most susceptible to theft or alteration if robust encryption is not employed.
- Network connectivity breaks. Network connectivity between clouds in a hybrid cloud architecture is crucial for upholding SLAs. There could be single points of failure in the overall network architecture that may lead to widespread disruption of cloud services. For example, if backbone routing nodes lack redundancy, a single faulty backbone router is sufficient to cause an outage in the entire hybrid cloud.
- Decentralized identify & credential management. The lack of a centralized and unified identity management solution may cause account information inconsistency between clouds, resulting in discontinuous log audits and failures to trace resource misuse.
As a follow-up deliverable, the working group is currently working on a countermeasures paper to provide guidance on mitigating risks associated with hybrid clouds, so as to help users and cloud service providers reduce common security and compliance risks. The working group welcomes individuals who are interested in contributing to this work to join our efforts by volunteering here.
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.