Businesses have spent millions of dollars to create optimized data centers that contain important business policies and corporate data. At the same time, functional users are racing to adopt the cloud model for application dev/test, migration, training and IT sandbox purposes. IT leaders are often faced with the pressures of enabling users with cloud based architectures while allowing for secure and safe access to corporate data and policies.
Hybrid cloud computing can relieve those pressure points, deliver business agility and reduce operating costs. However, implementing a successful hybrid cloud requires a careful and thoughtful approach. Below are 5 must have requirements for a successful hybrid cloud implementation.
Enterprises have a wide range of functional users that require cloud resources for ad-hoc use cases including development and testing, application migration, software evaluation, consulting, support and training. Solutions like Skytap Cloud provide users with a self-service solution so that they can be agile, productive and effective. At the same time, IT owners are provided with self-service admin capabilities to set-up approved templates, security rules, VPN access policies, budget visibility and control.
Before you choose a cloud service, be sure to try the self-service aspects so that both IT and functional users can use the service effectively. The promise of cost savings and agility associated with cloud computing can only be realized if a cloud solution meets both needs.
Secure Cloud Architecture
Enabling a hybrid cloud solution requires a thoughtful and pragmatic approach to security. The solution must include operational security measures across data center security, physical security, access security, virtual data center security, compute (virtual machine) security, network security, storage security, and operations security. In addition the data transport between the cloud and your data center must be secured with an iPSec VPN connection. Last but not least, the solution must allow for OS file system level data encryption so that your user data is secured at rest.
Configurable Role-Based User Access Control (UAC)
Enabling sophisticated user access control (UAC) is a key requirement for enterprise adoption of Hybrid cloud based solutions. Users within an enterprise often have different permission levels depending on their role. An administrator may have the right to view a complete audit trail of activity in a virtual data center, whereas an offshore tester may only have access to a sandbox test environment to complete specific test cases.
Most cloud providers only offer a limited set of user access controls. Make sure the solution you evaluate offers a rich UAC model with the ability to set fine-grain permissions for different levels of access to a virtual data center. In addition, you should be able to create sandboxes and publish for vendors or consultants with no access to the corporate network.
Cloud Policies, Quotas and Charge-backs
The ability to enforce enterprise IT policies with cost controls and charge-back billing to internal groups are key requirements for most IT organizations. Most infrastructure providers offer no advanced cost control capabilities or the ability to isolate usage to internal groups for charge-back. Make sure the solution offers cost control capabilities, such as auto-suspending resources when not in use to save costs. In addition, the solution must ensure quotas can be applied to individuals and organizations to cap usage. Finally, the solution should enable IT policies to be enforced globally, such as approved subnet ranges for virtual data centers and the ability to prevent assignment of public IP addresses to virtual machines.
Snapshots and Collaboration
Most enterprise applications comprise of multiple interconnected services. Providing the ability to snapshot an entire virtual data center becomes important to encapsulate these applications and enable entire IT environments to be replicated accurately and quickly. Snapshots are especially useful when diagnosing performance issues, architecture change or software bugs, as an entire application stack can be suspended at the point of failure for debugging. It is also useful to save a ‘golden image’ for rapid deployment at a later date.
In a hybrid cloud configuration, the VPN connections and associated security policies that these applications use must persist across snapshots. Without this capability, users and IT will spend a lot of time on manual set-up and change management work.
Cloud-based virtual data centers are not only dynamic in nature but can be used by distributed teams for collaboration. IT professionals can be prototyping a new network installation and need to share it with a security expert for review, or a tester can find a bug that’s very hard to replicate, snapshot the VDC and share it with a developer for debugging. Hybrid cloud solutions should include collaborative sharing and workflow capabilities.
Without a doubt hybrid cloud computing architecture holds a lot of potential to deliver agility, cost savings and IT productivity to all enterprises. By paying a close attention to these five must have requirements, IT organizations can ensure their cloud journey is secure and successful.