The Cloud: A View from Above – Private Cloud and the Hybrid Evolution

As if the term “Cloud Computing” wasn’t already severely overloaded, terms within the overarching technologies are even more overloaded, and many are quite misunderstood.

In this post (and in others in this series), I’m going to try to clarify a few of the definitions, and the subtle differences between various definitions as they are used. I’ll cover the Private Cloud and the Hybrid Cloud (links to Wikipedia, but my thoughts follow):

Private Cloud: In short, a Private Cloud is a cloud where the data access is restricted to specific users, typically within the same organization (or company) and behind a corporate firewall. Beyond the basic advantages of Cloud Computing (reduced IT infrastructure costs and management, “always up”, increased business and IT agility), there are several business reasons for keeping data in a Private Cloud:

• Your applications store customer data containing Personally-Identifiable Information (PII), which could incur legal or financial risks if compromised.
• Your application manages e-commerce transactions, credit card numbers, shipping addresses, etc.
• You store corporate-owned, sensitive, mission-critical or proprietary data.

In these (and in many other) cases, the knee-jerk reaction of IT and Business is to keep these applications and data on-premises, safe behind the corporate firewall. In some organizations it may be difficult to argue against this mindset, but there are alternatives that enable businesses to enjoy the basic benefits of Cloud Computing in a secure manner.

A Private Cloud typically begins life as an application or services deployed in an on-premises data center. Access to the data (Authorization, Authentication and Accounting, commonly known as the AAA Protocol) is clearly defined and controlled by local IT resources. On-premises users can get to the application over their LAN, external users can use IPsec or VPN protocols to access the application securely from outside.

Now, with proper security (AAA over secure IP protocols, as noted above) a Private Cloud can exist in a vendor data center, provided the organization utilizes the same security protocols and IT controls as they would for an on-premises deployment. The rub? Well, read the news (link to a Bing search for the latest .. there’s always more). Suffice to say: many enterprises want absolute assurances data held away from their premises will be secure.

That said, it’s not that simple. Beyond advanced and highly-controlled access security, there are a few other bits and pieces that a hosted Private Cloud (one that is hosted at a vendor data center) would need to navigate:

• Privacy: Monitoring, monitoring, monitoring. No, not performance monitoring. The monitoring to which I refer applies to communications in and out of a Private Cloud, based on the widely-discussed “NSA has massive database of Americans’ Phone Calls” (link to USA Today) story that broke a while back. Maybe the data itself isn’t directly accessible, but inferences about how the data is being used can be captured. This isn’t just a Cloud issue, by the way; vendors and enterprises will experience these challenges; hosted or on-premises.
• Compliance: contractual and financial assurances (read: protections and remedies) that can be activated should a vendor fail to assume the risk of protecting the data using recognized practices and protocols. Note: this requirement brings with it a handy-dandy audit cycle that a vendor must also navigate.
• Legal durability: last I checked, a subpoena is durable (a court order for information that stands up up nicely in the courtroom) should a governing body (State or Federal) “request” (quotes are mine) data from a non-enterprise-owned data center. A vendor would surrender the data without many questions. An enterprise would consider their options. Enterprises will consult in-house counsel before releasing data.

This is why enterprises will tend to run scared of deploying content in a non-enterprise-owned data center. Can you blame them? Before we find ourselves in the courtroom, let’s discuss for a bit. The logical evolution is not necessarily to avoid hosted private clouds, but to evaluate the content stored in on- and off-premises data centers. In this exercise, an Enterprise will identify types of data, including sensitive data (this is a short list):

• Static public content (easily hosted in CDNs worldwide .. icons, static “about” pages, legal pages, etc.).
• Some dynamic content that needs to be available to the public (and therefore, will need to scale, or be redirected to public, scalable resources) .. calendar- or location-based query results, catalogs or pricing data (updated via business rules), and so on.
• Other dynamic content that needs to be held securely, and exposed only during relevant need. This can include PII, Credit Card, Customer status, and much more. In fact, some of these data need not be exposed at all; rather, secure queries to an internal system can yield responses that let the application get what it needs without viewing the actual data (querying if a token to a credit card account has sufficient balance, or confirming a shipping address via an encrypted form post).
• Mission-critical data that has explicitly-defined audiences and uses.

Avoiding the issue of publicly-available data (the first two bullets, above), we raise several questions for Enterprises regarding sensitive data:

• Are there ways that an Enterprise can protect sensitive data in an Internet paradigm?
• How should an Enterprise control access to sensitive data by authorized entities?
• How can an Enterprise protect sensitive and mission-critical data?

In this post, I am not proposing the answers. Not yet, anyway. I am, however, posing questions an Enterprise should ask. For starters:

• Perform an analysis and inventory of systems, audiences and security requirements.
• Prioritize systems based on business need and expected life; consider replacing, rewriting or redirecting system assets based on audiences, expected life and other factors.
• Create a project plan with clear (and widely-publicized) milestones so the enterprise is aware of progress and potential impacts to system availability.

In this exercise, you will discover your enterprise is describing an evolution of establishing secure access to assets residing in a local data center or in a Private Cloud. The analysis will further suggest certain assets be addressed in another logical paradigm: the Hybrid Cloud. So, let’s talk about the Hybrid Cloud. My thoughts follow:

Hybrid Cloud: Loosely stated, a Hybrid Cloud consists of data and services held in on- and off-premises facilities, with access to sensitive data secured by VPN and IPsec protocols. Consider a company who stores customer address data in their local data center, under the physical control of their Enterprise IT. IT enables access FROM public resources (catalog and shipping sites) via secure protocols.

Here lies the objective of this post: in considering the evolution from Private to Hybrid, Enterprise will arrive at the fact some data must reside under the control of on-premises IT .. control over these bits will include the questions above. That said, I am not suggesting (extraction of any suggestions are at the risk and responsibility of the affected parties) that Enterprises expose their data to the world at large, without adequate (and tested) protections.

Solutions? Yah. Lots:

• Windows Azure offers a the AppFabric Service Bus, a component that provides endpoint security .. a paradigm where secure connectivity is maintained by connecting applications to single points of access to other components. Disparate applications can connect to a single endpoint, simplifying and securing Hybrid Cloud components.
• Amazon Web Services offers the Amazon Virtual Private Cloud (VPC), which enables an enterprise to launch a private and isolated section of AWS in a user-defined virtual network.
• VMWare offers their vCloud product which enables enterprises to deploy workloads on shared infrastructure with built-in security and role-based access controls.

In these three cases (and there are others), Out-of-Cloud access can be enabled via IPsec and VPN. Your mileage may vary widely, depending on the analysis of your infrastructure and mapping this analysis against your requirements.

I do not intend this to be a pitch for deploying a Hybrid Cloud. However, I do suggest that enterprises consider and weigh their options when identifying the types of data that should be hosted on-premises, versus a trusted vendor.

Want to know more? Please read my collection of Cloud Computing posts, or reach out to me for more detail.