5 tips for securing apps across multiple clouds

Grazed from FedScoop. Author: Rutrell Yasin.

Creating a hybrid cloud computing environment – one that relies on a mix of on-premises and public cloud services – holds out the promise of greater flexibility for federal agencies on where to run diverse workloads and applications. It also promises greater computing economies. But enforcing policies and security controls between and among multiple clouds can be tricky business.

Agency managers can encounter a myriad of challenges as they use multiple cloud providers in conjunction with their own internal private cloud infrastructure. Issues surrounding compliance, data flow and protection, security, and visibility of information can complicate even the most basic expansion moves, including how to divide up data workloads…

One approach is to use the private cloud for the predictable volumes of workloads and the public cloud for variable or bursts of workloads. Anil Karmel — the former deputy chief technology officer with the National Nuclear Security Administration and now CEO of C2 Labs, a cloud security and services company — suggests a different approach. Karmel is a proponent of agency managers building their hybrid clouds from the inside out and then tying the various cloud infrastructures into a unified management plane. That way, organizations can use the same toolsets and security profiles across multiple, interconnected clouds, he said…

Read more from the source @ http://fedscoop.com/5-tips-for-approaching-the-tricky-business-of-securing-multiple-clouds