By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models.

  • Infrastructure-as-a-Service (IaaS): With Lincoln Logs, you can build some pretty cool things, but they are pretty monolithic and constrained to quadrilateral shapes. Lincoln Logs represent moving a whole server to the cloud and still working on the offering as a whole entity.
  • Software-as-a-Service (SaaS): With Legos, you can build many more advanced shapes. Not only that, but you’re also able to break up the project into multiple pieces, allowing you to attach those different components together in various ways that make it much easier to redesign and replace them without having to rebuild the entire entity. This flexibility enables you to create a new and unique offering in the cloud that’s delivered as a service.
  • Platform-as-a-Service (PaaS): PaaS is in between IaaS and SaaS. Someone else has made the main Lincoln Log structure, and you create the accessories with either more monolithic Lincoln Logs structures or with Legos.

Security Challenges in the Hybrid Cloud

In response to adopting one of the cloud models described above, many organizations now have critical assets and services running on premise and in cloud locations around the world. These resources live in what’s known as a hybrid environment. Indeed, bits and pieces of the entity are stored in various locations, and they are owned by various teams.

Not surprisingly, the hybrid environment has introduced new security-related challenges for organizations. Chief among these issues is maintaining compliance. As information security writer Kim Crawley explains on the State (Read more...)