Thoughts on Cloud is a leading source of insights, news and analysis for the cloud community, presented by IBM and powered by exclusive commentary from IBM thought leaders and industry experts, along with curated, relevant cloud computing news from around the globe.
Investopedia describes “insurtech” (the term inspired by its commonly known cousin, “fintech”) as the use of technology to create savings and efficiency in the insurance industry. Investopedia also suggests that the insurance industry is ripe for innovation and disruption.
At Grupo Planetun, we know this to be especially true in Brazil. In the Brazilian insurance market, only 30 percent of the automotive market, 10 percent of the housing market, and two percent of cell phones are insured.
Grupo Planetun is an insurtech company in Brazil poised to take advantage of this growth opportunity. We know the big insurance companies we serve need to reduce costs and improve operations, which is why they seek to partner with us.
Innovating the auto inspection process
In 2017, we developed our App Web de Vistoria Prévia, or Preview Web App, that enables image capturing for auto inspections online. When we released the first version of the application, the primary innovation was that the insured individual could take and submit photos rather than needing to drive somewhere or wait for an insurance representative to come to their location.
Today in Brazil the insurance inspection process takes an average of five days, beginning to end. With our application, images can be sent to the insurance company in an average of five-and-half hours. This is a drastic reduction that is speeding overall inspection time.
Despite these gains, we learned by evaluating app use that 30 percent of customer photos submitted were not usable by insurance companies. For example, the photo might be diagonal, cropped incorrectly, or too dark. Or the customer might have submitted a selfie with the vehicle, which cannot be used for inspection.
We knew we needed to address the 30 percent of unusable photos, so we sought a way to provide immediate feedback to customers.
Infusing artificial intelligence into the app
We were introduced to IBM Watson offerings at Think Brasil in 2018. Following that introduction, we began to see how artificial intelligence (AI) could further the capabilities of our auto inspection app with image recognition.
We spent eight weeks with an IBM Garage team in São Paulo to automate our Preview Web App using the open source IBM Cloud Kubernetes service and Watson Visual Recognition on IBM Cloud. Now the solution can confirm or reject customer photos in real time.
The collaboration between the IBM team and our team of developers was crucial. In addition to our enhanced solution, we came away from our engagement with technical knowledge of the IBM Garage methodology for designing and building applications.
Shaking up the insurance market
Aside from the benefits of workflow transformation and user experience improvement, the project with the Garage team helped us reduce app management costs. By reducing the amount of unusable photos shared through the app, our team no longer needs to manually evaluate and flag those submissions.
Additionally, because the new version of Preview Web App is built on microservices and each system has its own API, we are free to offer our customers only what they need.
Through the Garage project, we saw that the agile methodology improved our workflow, so we adopted it internally in our organization as well. We came away from IBM Garage with technical knowledge about Watson, AI tools, image recognition and the Kubernetes database, all of which our developer team is replicating with our other employees.
By partnering with IBM, Grupo Planetun has brought radical change to the Brazilian insurance market. We are the first insurtech company to implement an image recognition methodology for insurance processes in Brazil and throughout South America. This is a major differentiator for our business and is driving company success.
The next step for Preview Web App will be to put the Watson Visual Recognition service to work sorting and pricing the amount of damage a vehicle has suffered in accident situations.
Companies are migrating to the cloud at increasing rates across the globe. At the forefront of this move are companies in the US and Western Europe, according to a report from ResearchandMarkets.com. Though many companies have only completed 20 percent of their cloud journey, industries and regions continue to emerge with new solutions to meet industry challenges, differentiate from the competition and delight clients.
“IBM is writing the next chapter of business and social transformation together with our clients,” IBM Chairman, President and CEO Ginni Rometty shared in a company statement. “Companies across Europe and the world are working with IBM to put the hybrid cloud infrastructure in place and to start infusing AI into businesses processes as a means to accelerate future innovation.”
European companies transform with IBM Cloud and AI
IBM this week announced a wide range of European client solutions using IBM Cloud and AI.
The Agricultural Social Insurance Fund (KRUS), a social insurance provider for farmers in Poland, is adopting IBM Cloud to help modernize and expand its e-learning platform.
Confindustria, the chief association representing Italian manufacturing and service companies, is moving its full IT infrastructure to the IBM Cloud. The move will help the association power more personalized, innovative offerings for members.
Endesa, the largest Spanish power company is using IBM Watson and IBM Cloud to transform its call center experience.
Performance for Assets (P4A), a Belgian startup, worked with the IBM Cloud Garage team to enhance wind turbine output. The company created an advanced asset management monitoring system for wind turbines with IBM Watson on IBM Cloud that enables predictive maintenance and boosts asset performance.
ERGO Aktiv, a Czech neurorehabilitation center, developed a Watson-based virtual assistant on the IBM Cloud to help patients return to an active life and resume work after a stroke.
European automotive companies adopt IBM hybrid cloud
The European automotive sector is also looking to IBM Cloud and AI solutions. IBM recently announced client wins with Volkswagen Sachsen GmbH in Germany; Moovster, a Munich-based mobility and AI startup; and Vinturas, a Netherlands-based automotive logistics company.
Germany is in the process of completely transforming its energy sector at a pace unmatched by other industrialized nations. Nuclear power is phasing out as renewables are gradually taking over, according to Deutsche Welle, Germany’s international broadcaster.
The country’s politically supervised shift in direction from nuclear and fossil fuels to renewable sources of energy is expected to reduce security hazards and ensure Germany creates a greater share of its own power in the future.
Serima Consulting GmbH, a leading specialist in network management, monitoring and automation solutions, was selected by a device manufacturer to help in the creation of a smart grid offering for a German power company.
Developing the smart grid solution
As an IBM business partner and an IBM Cloud user itself, Serima chose IBM Cloud Private for its development environment.
Because this would be a first-of-a-kind installation that would open the market for monitoring and predicting energy consumption, Serima wanted to protect its intellectual property and keep its smart grid development efforts in house.
Testing, monitoring and marketing elements, along with Kubernetes capabilities, are included with IBM Cloud Private in a microservices architecture. Those capabilities make developing and maintaining applications easier and faster than traditional software development methods.
The initial rollout of the smart grid solution was successful. With IBM Cloud Private, Serima can show the solution live to potential customers to demonstrate the solution’s grid monitoring and managing functionalities as well as its scalability to accommodate new customers.
There are already other customers interested in projects that would replicate what Serima is doing. And because IBM Cloud Private is open, it’s possible for customers to easily make adjustments to suit their specifications.
The International Center for Scientific Debate explains that the ability to better collect, store, organize, integrate, analyze and share biomedical data provides opportunities to advance the detection, diagnosis, treatment and prevention of disease.
Yet the greatest challenge bioscientists face is how to handle the flood of information from an array of devices that assess patient health. These devices include genomic sequencing machines, high-resolution medical imagers, electronic health records, smart phone applications and more.
Databiology has created a biomedical information management and orchestration platform for the life sciences and healthcare sectors that helps researchers tap into many different data sources.
Enabling faster, more effective medical research
When a research team creates a workspace on Databiology’s platform on the IBM Cloud, members can load any type of biomedical data and perform intensive processing tasks requiring high-performance compute power.
The platform functions as a central data and analysis management hub for conducting end-to-end biomedical research. By provisioning the required technology to manage large and complex data assets, Databiology enables clients to perform faster and more economically effective research.
Additionally, the platform can take on any third-party application stack and orchestrate it to run in any number of connected compute environments. The platform includes an app store, which has more than 250 different biomedical analytics and visualization applications. If researchers need an application that isn’t in the app store, they can rapidly add their own using Databiology’s CIAO application onboarding framework.
Tailoring research with hybrid cloud capabilities
The Databiology platform can be deployed either on premises or on different clouds and can use IBM Aspera to transport terabyte-sized biomedical data sets from disparate locations to the workspace quickly.
Databiology has two offerings to fit the needs of different biomedical companies.
The Databiology for Enterprise platform is integrated with IBM Power Systems, IBM Spectrum LSF, and IBM Spectrum Scale to enhance workload, resource and data lifecycle management in the cloud, on- and off-premises, and in hybrid models. IBM Power Systems servers are built on a flexible, open platform and the processor is designed for big data workloads. Power Systems servers combine computing power, memory bandwidth and I/O in ways that are easier to consume and manage, and provide high resiliency, availability and security features. IBM Spectrum Scale provides world-class storage management with extreme scalability, flash accelerated performance, and automatic policy-based storage tiering from flash through disk to tape. IBM Spectrum LSF provides highly scalable and reliable resource-aware workload management platform that supports demanding, distributed and mission-critical high-performance computing (HPC) environments offering an enhanced user and administrator experience.
Databiology Lab runs exclusively on IBM Cloud. The secure, high-performance cloud offers dynamic burst capabilities for intense compute requirements. Databiology Lab is designed for smaller teams or academic use, or for larger customers to try out the capability of the platform before they decide to go with the Enterprise platform.
Automatically securing the provenance trail and capturing scientific insights
The Databiology platform is making research more efficient by capturing all the metadata about scientific analysis automatically. The platform maintains a sophisticated knowledge graph, which delivers reliable reproducibility with the same software, with the same data, on the same environments if needed later. Users are now able to understand how different items of data are related to each other.
For pharma company customers, this provenance graph is hugely important. For example, if they’ve developed a product that went through regulatory approval, and, years later, discover issues they’ve got to be able to demonstrate exactly how they derived certain insights.
In academia, and push-button reproducibility of the scientific process is becoming increasingly important because of how much poorly reproducible science is out there and how many papers ultimately cannot be verified independently.
Researchers know exactly how results were derived from the multitude of pieces of data and by which process. This drives data interoperability and reuse, which is something every enterprise is after today.
Cloud migration challenges continue to bedevil enterprises, despite the fact that the cloud itself has been around for nearly 20 years.
Many enterprises have yet to realize the full promise of an abstract, distributed, federated data environment because migrations are still often so difficult.
Nobody embarks upon a cloud migration expecting to fail, of course. The basic problem is that few people understand the nuances of such a complex project, particularly as it relates to ongoing processes and operations. Unexpected challenges are the bane of any major undertaking, and cloud migrations are chock full of unexpected challenges.
Cloud migration and performance
Laurence Guihard-Joly, the Global Cloud Migration Factory’s general manager for cloud migration, points out that cloud migrations require careful strategic planning, with a “multipronged approach” that takes time to get right.
Take application performance as a key example. Misplacing applications in the wrong cloud environment or putting them in the cloud when they belong on premises results in over- or under-provisioned resources, which can diminish app performance or drive up costs. In addition, a poor understanding of workload dependencies can introduce performance issues, as well as security risks.
The so-called “lift and shift” approach, in which an application is moved as-is from a traditional environment to the cloud without any redesigning, might work for simple applications, as TechTarget suggests. However, more complex, resource-intensive applications, such as those that use big data or image rendering, might need an overhaul before being migrated.
Failing to align workload requirements with the proper cloud architecture can wreak havoc on the entire cloud strategy. In most cases, it leads to reverting back to traditional infrastructure, which costs time and money and can damage performance, reliability, manageability and overall trust in the cloud by the knowledge workforce.
5 keys to success
Before you embark on the cloud migration process, it helps to have a clear understanding of what’s involved. Here are five key elements identified by IBM for a successful cloud migration:
Develop a strategy. This should be done early and in a way that prioritizes business objectives over technology. This should also include an analytics regime that gathers information in a consistent format.
Identify the right applications. Not all apps are cloud friendly. Some do better on private or hybrid clouds rather than on public. Some may need only minor tweaking, while others might need in-depth code changes. A full analysis of architecture, complexity and implementation is easier to do before the migration rather than after.
Develop the right skills and resources. Choosing a service provider that does not have the proper expertise and technology is a recipe for disaster. A provider must be able to open established systems to new channels using microservices and new APIs that foster platform-based development.
Maintain data integrity and operational continuity. Managing risk is critical, and sensitive data can be exposed during a migration. Post-migration validation of business processes is crucial to ensure that automated controls are producing the same outcomes without disrupting normal operations.
Adopt an end-to-end approach. Service providers should have a robust and proven methodology to address every aspect of the migration process. This should include the framework to manage complex transactions on a consistent basis and on a global scale. Make sure to spell all of this out in the service-level agreement with agreed-upon milestones for progress and results.
No matter how prepared you are, there will inevitably be surprises during a migration. This is why two of your most important assets will be innovation and creative problem solving. At the same time, it helps to have a technology partner with vast experience regarding today’s cloud migration challenges. Chances are the unforeseen problem you face has already been successfully managed by someone else.
Even the best-prepared enterprises occasionally come up against their own unique cloud migration challenges. Check out our recent white paper to learn how to find a path to the cloud that minimizes disruption.
Vodafone Idea Limited, the largest telecom operator in India, recently signed a five-year, multi-million-dollar agreement with IBM to modernize and consolidate its IT infrastructure.
Through the multi-year agreement with IBM, the Indian telecom company plans to use IBM hybrid cloud and multicloud services, plus analytics and artificial intelligence (AI) security capabilities, to better engage with customers.
The collaboration will also provide Vodafone Idea with a hybrid cloud-based digital platform to enable enhanced business efficiency, agility and scale, plus simplified business processes.
ZDNet explains: “In addition to better serving its 387 million customers, Vodafone is updating its infrastructure to realize the efficiencies of Vodafone India’s 2018 merger with Idea Cellular. Specifically, IBM will help it consolidate applications and infrastructure, including data centers, and disaster recovery centers. Solutions deployed by Vodafone India Limited and Idea Cellular Limited earlier will be merged and their big data capabilities will be enhanced.”
Quality is essential to every project. That is the clear message from businesses across every industry.
Today’s enterprise IT environment, however, is more diverse and complicated than ever before. The combination of technologies, including mobile, Internet of Things (IoT), cloud, artificial intelligence (AI) and blockchain, are helping businesses drive competitive advantage. While companies are adjusting to this evolving business landscape on a macro level, delivery teams are also reacting and adjusting on their own modernization and optimization journey. Many delivery teams are finding a need for streamlined, continuous software testing.
While new applications are being deployed, established applications are still necessary for standard business operations. A typical enterprise may have 1,000 applications or more with dependencies across multiple clouds and on-premises ecosystems, plus possible regulatory dependencies.
As a result of this complex application ecosystem, many organizations are looking to Kubernetes to simplify the management of applications, ensuring cloud portability and rapid delivery across the full software lifecycle. This is supported with a microservices architecture, which breaks down single, often monolithic applications, into a collection of smaller, independently deployable services managed by different teams.
Test software quality throughout the delivery lifecycle
Throughout the application modernization and optimization journey, it is essential for delivery teams to assess quality at every opportunity. The combination of automated testing and test service virtualization can help teams asses the quality of their deliverables throughout the delivery lifecycle.
Quality is essential and as the need for dynamic, agile quality assessment grows, the software test automation market is also growing.
How to find the right tools for continuous software testing
The challenge can be selecting the right tools to enable continuous software testing through the DevOps pipeline. Some criteria to consider when choosing a vendor include the following:
Product design, architecture and scalability. Tools should streamline workloads now and in the future. Evaluate product specifics, such as the ability to share data and a common web-based UI across integration testing, functional testing and performance testing.
Ease of deployment and use. The ability to use one solution for testing all types of technologies and environments will enable all teams to remain in communication, ensure a strong feedback loop and improve overall agility.
Vendor support and services. Be sure testing tools can grow with your company.
These criteria align well with those used by EMA to evaluate DevOps continuous testing platform products in a recent report. Based on their assessment with wide range of users, EMA awarded the DevOps 2020 Top 3 award for Continuous Testing Platforms to IBM Rational Test Workbench.
With most businesses already relying on multiple cloud providers to meet their business objectives, we are now living in a multicloud world. But how can organizations navigate multiple cloud environments while meeting the demands of their most critical business priorities?
Research shows that most organizations haven’t been able to solve that problem yet. According to a study by the IBM Institute of Business Value, more than 60 percent of customers don’t have the tools and procedures to manage and operate in a complex multicloud environment. This can slow the progress of moving high priority workloads to use the cloud and can unintentionally introduce risk to an organization.
There are three major challenges that stand in the way:
Rapid application innovation. As developers discover new ways to develop and deploy applications, the number of software services is growing rapidly within organizations. Often, this growth exceeds the enterprise’s ability to effectively manage and control risk. This can be especially true when applications are spread across a wide range of software environments.
Data overload. Enterprises are embracing new technology around data and artificial intelligence (AI). The problem is that many organizations are still using traditional management methods to handle this data. This can leave many teams without the management capabilities to execute on their own data strategy. It’s also a challenge because improperly managed data can introduce significant risk for an organization.
Difficulty adopting DevOps and SRE best practices. If you work in development or IT, you have probably felt the pressure to embrace DevOps and Site Reliability Engineer (SRE) best practices. This is certainly the right direction. The issue, however, is that these changes go beyond technology alone. Moving to a DevOps model can also require difficult cultural shifts with teams learning new ways of operating, and individuals taking on what was previously multiple roles.
Because of these key challenges, many businesses feel pressured to choose cloud management solutions that provide either speed or control, but not both. To succeed, enterprises will need to balance these two seemingly competing priorities and select a cloud management solution that will help them appropriately achieve both.
Overcoming the challenges: Three things to look for in a multicloud management solution
The good news is that there are strategies and solutions that can help steer your business in the right direction. A lot of the challenges can be mitigated by choosing the right multicloud management solution.
Here are three key features to look for:
Visibility. It’s critical to know where business application components are running. You must monitor the health of resources (such as deployments, pods, Helm releases) across Kubernetes environments, whether they are in public or private clouds, and in the appropriate business context.
Governance. As cloud-native environments proliferate across the enterprise, DevOps teams are tasked with ensuring that these environments are managed according to the enterprise’s governance and security policies. It’s advantageous to have a single dashboard that provides a consistent set of configuration and security policies, at service inception time. An increase in the number of cloud native components, such as Kubernetes clusters, should not mean an increase in the risk to a business, nor an increase in management costs.
Automation. Whether an enterprise application is a cloud-native, 12-factor application or a traditional application, enterprises need a consistent and flexible way to deploy and manage that application. The goal is to simplify the IT and application management, while increasing flexibility and cost savings with intelligent data analysis driven by predictive signals.
IBM Multicloud Manager: the award-winning solution for cloud management
IBM offers a multicloud management approach built for the enterprise that nurtures a high-performance, agile culture and embraces modern operational practices.
With built-in security and compliance, IBM Multicloud Manager helps teams organize complex applications running on any cloud, reducing management costs and reducing business risk through compliance standards. All of this provides the much-needed combination of speed and control that today’s progressive enterprises are searching to find.
Recently, IBM was recognized with the prestigious Gold Thomas Edison Award for the team’s innovation in creating this product. Companies can adopt this technology knowing that it is respected by experts across the industry.
To learn more about multicloud, and the broader enterprise cloud journey, take a look at the following assets:
The term “cloud first” has different meanings for different organizations, and no two companies’ journeys to a cloud-first position are exactly alike.
That’s why outlining a cloud strategy road map, a thorough guide to embracing the cloud, can help organizations prepare for their specific needs.
A cloud-first strategy shapes how enterprises handle both technology and business decisions. It considers the nitty-gritty of operations and sets a foundation for larger pursuits, such as artificial intelligence (AI) and the Internet of Things (IoT), to help enterprises pursue business initiatives without hesitation.
Before implementing a cloud strategy, it’s important to set out a road map to ensure your early steps toward a cloud-first initiative are on sound footing. Here are a few things to keep in mind as you embark on that journey.
“Cloud first” doesn’t mean “cloud only”
Many assume “cloud first” means every new technological project must be vetted for the cloud. Others argue that while many tasks are well suited for the cloud, critical applications should stay on premises for the sake of control.
There’s benefit to keeping certain technologies in-house, but that doesn’t mean an enterprise can’t adopt a cloud-first mentality. Being cloud first pushes organizations to always review how the many advantages of cloud technology, including improved scalability, more effective resilience and easier capital cost management, can more quickly deliver products and services. It’s a conversation worth having for every business opportunity.
View cloud strategy as part of both IT and business
The efficiency and flexibility of a business rely a great deal on technology; and, as such, decisions surrounding them should be intertwined.
That’s why it’s critical to not view cloud first as simply an IT strategy. Pigeonholing technological decisions that shape outcomes can overlook the value that business leaders provide when they also review cloud initiatives. HR leaders, for example, might know all about the upsides of a particular cloud technology after attending a conference. IT isn’t always directly on the pulse of business functions and could underestimate the disruption a sudden technological change might cause.
Form a “cloud center of excellence”
To ensure all voices are heard, follow the lead of other enterprises and create a committee that oversees the study, implementation, management and evolution of a cloud-first strategy. Some organizations call this body a “cloud center of excellence”, or a CCoE. The committee should align to company practices and goals with the proper cloud-based services.
The CCoE should set goals and deadlines, spearhead training programs and look for new opportunities. It should consistently cheerlead the use of cloud technology, but with a full measure of reasoning about why it matters.
The CIO, CMO, development and operations, HR leaders, data scientists, and other key roles within an organization can belong to a CCoE. However, don’t forget to include front-line business managers, too. These roles will have ground-level insight into how the cloud can improve key revenue-generating functions such as sales, marketing and customer experience. Demonstrate how a potential cloud application can enhance their work while accepting their feedback.
Go at your own pace
Even if your organization goes all in on a cloud-first strategy, it doesn’t have to immediately shift everything to the cloud. You have some time to wait.
As workflows and applications become more mobile-centric — and because AI and IoT are conducive to how products and services are developed — it’s only natural that organizations will increasingly turn to the cloud. The flexibility of cloud services may prove particularly appealing for enterprises that need to make big architectural changes in order to accommodate new technologies.
These steps can help you avoid some of the most common obstacles that stop a cloud-first strategy in its tracks. That strategy will likely evolve as business pursuits and technology change, but a well-thought-out cloud strategy road map will provide the foundation for a seamless transition to the cloud.
Looking to help your organization create a cloud-first strategy for the future? Register to learn more about finding the next-generation cloud platform that will work best for your business.
Hybrid cloud environments give companies the best of both worlds. They offer the elasticity and operational expenditure of public clouds with the data sovereignty, security and control found in a private cloud environment. By combining the two, companies can allocate workloads to the environment that makes the most sense for them.
As organizations build these environments, hybrid cloud security is crucial. According to Cybersecurity Insiders’ “2018 Cloud Security Report”, nine out of 10 cybersecurity professionals say they are concerned about cloud security. This is up 11 points from last year’s survey.
Securing these environments can be time consuming, but luckily, you don’t have to start from scratch. Adhering to these seven key pillars for a hybrid cloud security strategy will make sure you get great results with less stress.
1. Approach hybrid cloud security as a shared responsibility.
Companies should approach hybrid cloud security as a joint endeavor with their cloud service provider. Assuming the cloud partner will take care of everything once the data leaves the on-premises systems is a recipe for oversights and errors. Even with the best-equipped hybrid cloud provider out there, maintaining security still requires a proactive mindset.
For example, administrative staff could accidentally expose sensitive records through a simple misconfiguration of a public cloud environment. According to GCN, misconfigured data buckets left the voter information of hundreds of thousands of individuals exposed in 2018.
Without proper security efforts, one misstep can jeopardize a company’s reputation and consumer trust.
2. Standardize processes.
Companies that use different processes for public and private cloud environments, or that fail to implement processes, risk introducing disparities that could lead to manual errors and potential security loopholes. These processes will likely be unique to an organization’s needs, but some general best practices apply.
For example, an organization could ensure that administrators follow the same security procedures in a public cloud environment as they do with on-premises systems and check that public cloud assets are properly password protected. For example, developers may leave database administrative accounts with default settings in an on-premises development environment, but forget to change the credential settings when they take the databases live in the cloud. This oversight can lead to some serious data breaches.
Formalizing processes to manage assets, such as databases, as they pass between on-premises and cloud-based environments will help organizations avoid problems like the large-scale exposure of sensitive customer records in cloud-based systems.
3. Configure secure tools and processes for the cloud.
Companies can reduce the likelihood of human error and inconsistent administrative approaches by codifying these secure processes into automated workflows. In the case of software development and deployment, a common use case in hybrid cloud environments, secure DevOps (DevSecOps) practices can be a game changer.
Secure DevOps enables security professionals to build automatic gating checks into software development, forcing code through a series of tests that it must pass before being deployed. Automated tools can also securely manage the provisioning and teardown of virtual development and deployment infrastructure so that stray virtual machines and storage buckets don’t become a security liability.
4. Verify everything everywhere.
Hybrid cloud computing environments tend to blast through traditional network perimeters, as companies distribute workloads across different infrastructures and locations. This means conventional, perimeter-based protections no longer work. Instead, protect access to each virtual asset and data resource. Adopt a “never trust, always verify” approach to all computing resources across both infrastructures.
5. Manage access across hybrid environments.
A uniform identity and access management (IAM) framework can help protect assets in hybrid environments. Security teams might use various approaches to extend IAM across the entire environment, depending on their public and private infrastructures, including unified directories and SAML-based identity federations.
Ensure that this framework mirrors the concept of least-privilege access across both private and public clouds so that employees, contractors and other users only have access to the resources they absolutely need.
6. Ensure visibility and ownership.
One danger in dealing with two different environments is that it can be difficult to get a comprehensive view of what’s happening across the entire infrastructure. Explore using a management system that can aggregate monitoring and asset management across both private and public clouds.
Ideally, administrators should be able to see both from a single dashboard. Security teams should also ensure that all assets and data across both environments have defined ownership. An individual or team should be responsible for them so that nothing falls through the cracks.
7. Protect data.
Data protection includes not only encryption, which should be standard in any hybrid IT environment, but also other techniques as well. These might be pseudo-normalization or tokens stored in public cloud databases that refer to sensitive data stored in on-premises systems.
Before beginning your organization’s hybrid cloud journey, think carefully about your long-term approach and what you will expect from your hybrid cloud environment in the years to come. By considering these seven pillars of hybrid cloud security, you can help your organization transition smoothly between on-premises and cloud environments.