Identify risk in your hybrid cloud – and yes, there's plenty of it!

In the second part of this series, we examine the actual areas of risk in the hybrid cloud journey – and some of them may surprise you. This involves two elements: data and humans.


Continuing on from where we left off the last time (read Part 1 to refresh your memory), we now focus our attention on ways to ‘identify risk’ in your hybrid cloud.

The journey to hybrid cloud is usually undertaken with the promise of agility, elasticity, on-demand expansion and cost savings as the primary drivers. Very rarely, if at all, is security the primary driver to embrace a hybrid cloud – typically it's cited as the #1 concern (see Security Issues in Cloud). Yes – for SMBs, public cloud may offer a safer haven than their relatively antiquated or non-existent on-prem security, but our focus here is on the large enterprises that will be straddling a ‘hybrid’ world for a long time. Note that this could very well entail a private data center and more than one public cloud for risk and cost advantages. And that (recalling our house analogy) means more surface area to keep up with. And the risk grows with this increase.

Let’s take a look at two key vectors of this risk (there are others but we are going to concentrate on these two) – administrators and data. Let's make it personal and anoint you as the CIO of this hypothetical enterprise.

Risk factor #1: human administrators

This is the highly privileged IT crew that has been keeping your data center humming all these years. And they have done so because you – the CIO – have accorded them rights (yes, using a tiered hierarchical approach, obviously) based on their job function, grade and competency. But it is also possible that, along the way, they have accumulated more rights and wider scope. For example, the backup admin who may have rights only to the DR site may have been promoted for a day to control the primary as well because the regular guru admin called in sick. In the craziness of the day-to-day fire drills, these elevated privileges were never rescinded after the guru admin reported back to her job. So now your backup admin has the rights of a guru admin (though he obviously has not earned guru status) – and you are not even aware that you have two admins with guru privileges! And if your journey to public cloud entailed using the same admin groups and privileges as your on-prem – a logical starting position – you would be starting with elevated (and risky) privileges in your public cloud journey.


#Whoa! That does not bode well, does it! It goes without saying that the risk surface created by these over-privileged admins multiplies when another public cloud is added to the mix. So what do you do? Glad you asked. Even before heading towards hybrid cloud (or if you are already in one, then take this action immediately), do a privilege and scope rightsizing of your admins! What am I talking about? Identify which administrators have elevated privileges and scope that are out of whack with what they started off with. Yes, this can sound dreary, and there may also be some rumblings inside your organization if people smell that they may be stripped of excess privileges, but you need to do it as the first step to hybrid cloud. We will discuss the ‘how’ both for this corrective action phase as well as ongoing hygiene in the next installment of the blog series.
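To make the rightsizing check concrete, here is an added example (not part of the original article) that compares each admin's current grants with the baseline for their job function and flags the backup-admin scenario described above. The record fields, role names, environments and sample grants are all hypothetical and constructed for illustration.

```python
from datetime import date
from typing import NamedTuple, Optional

class Grant(NamedTuple):
    admin: str
    job_function: str
    role: str
    scope: str
    environment: str
    temporary_until: Optional[date]  # None = permanent grant

# Hypothetical baseline: the (role, scope) pairs each job function should hold.
BASELINE = {
    "guru-admin": {("infra-admin", "primary"), ("infra-admin", "dr-site")},
    "backup-admin": {("backup-operator", "dr-site")},
}

# Constructed sample export of current grants across on-prem and one cloud.
GRANTS = [
    Grant("alice", "guru-admin", "infra-admin", "primary", "on-prem", None),
    Grant("bob", "backup-admin", "backup-operator", "dr-site", "on-prem", None),
    # One-day cover for a sick colleague, never rescinded.
    Grant("bob", "backup-admin", "infra-admin", "primary", "on-prem", date(2017, 2, 7)),
    # Same group membership copied into the public cloud during migration.
    Grant("bob", "backup-admin", "infra-admin", "primary", "cloud-a", None),
    # Temporary elevation that is still within its window: not a finding.
    Grant("carol", "backup-admin", "infra-admin", "dr-site", "on-prem", date(2017, 12, 31)),
]

def find_excess_privileges(grants, baseline, today):
    """Return grants outside the job-function baseline that should be reviewed."""
    findings = []
    for g in grants:
        if (g.role, g.scope) in baseline.get(g.job_function, set()):
            continue  # within what the job function is meant to have
        if g.temporary_until is None:
            reason = "permanent grant outside baseline"
        elif g.temporary_until < today:
            reason = "temporary grant expired but still active"
        else:
            continue  # approved temporary elevation, still in its window
        findings.append((g.admin, g.environment, g.role, g.scope, reason))
    return findings

if __name__ == "__main__":
    for finding in find_excess_privileges(GRANTS, BASELINE, date(2017, 6, 1)):
        print(*finding, sep=" | ")
```

Running the same comparison per environment shows how one stale on-prem grant turns into a second finding once the admin groups are carried into a public cloud.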

Risk factor #2: the data itself

As we explored in "Ticking bomb #sprawl! 3 ways to combat it now," the ease with which data proliferation happens is astounding – increasing snapshots and plummeting costs of backup result in sprawl! And this long tail of ill-secured backup images opens up a risk surface that most enterprises are either unaware of, or aware of and ignoring due to lack of budget or attention from upper management. But this is a ticking bomb and needs to be addressed now without blowing your budget or your stretched IT resources.

Let’s focus in this installment on how you would go about identifying which ones are the highest risk for you.


Clearly, for a hedge trading fund, the algorithm, the asset value, the risk spread etc. may be the data they care about, whereas for a healthcare organization, the clinical trials' interim results and the patients’ historical medical records may be of prime value. And you did not pay much attention to identifying which backups contain what, so you now have a problem on your hands. But don’t worry – there is hope.

The first step to recovery is to admit you have a problem. And hopefully you are there already. The next step? Locate – among your hundreds of thousands of backups – the ones that have critical data. And since you are already in hybrid cloud, this means you need to focus this discovery on both your on-prem backups and the cloud backups. On more than one cloud possibly. #Egad!

But it doesn’t have to be very costly or time-consuming to do this. Tools exist in the market today. But you need to take ownership and make this happen now. What comes after you have done all this? That’s what we will talk about in the next episode. For now, it's enough to understand where your ‘to die for’ assets are.

So there you have it. Identifying over-privileged administrators and critical data are the first steps to getting back control of your hybrid cloud environment.

Once you have done that, the rest of the workflow becomes a lot easier and logical. More on that coming up shortly.

This article is published as part of the IDG Contributor Network.
