• Customer portal
  • Career
  • Contact
  • nl
  • en
  • Nederlands Nederlands Dutch nl
  • English English English en
Basefarm Menu
  • Cloud Services
    • CLOUD ADVISORY
    • DevOps
    • CLOUD MANAGED SERVICES
    • Customer Cases
    • Let’s start
  • Cloud platforms
    • AWS – Amazon Web Services
    • Microsoft Azure
    • Basefarm Cloud
    • IBM Power
    • Customer Cases
    • Let’s start
  • Security
    • Protect
      • Multi-Layer DDoS protection
      • Web Application Firewall (WAF)
      • Web Application Assessment
      • Infrastructure Assessment
    • Detect
      • Security Operations Center
      • Intrusion Detection System (IDS)
      • Information Security
      • SIEM
      • Multi-Layer DDoS protection
    • Comply
      • PCI DSS
      • Multi Factor Authentication (MFA)
      • Hardware Security Module (HSM)
      • SOC
      • ISAE 3402
    • Respond
      • Basefarm SIRT
      • Dedicated Customer Team
      • Information Security
  • Workspace Services
    • Cloud Managed Device
    • MANAGED CLOUD HOSTED DESKTOP/APPS
    • MANAGED OFFICE 365
    • Managed Workspace Portal
  • Insights
    • Blog
    • Events
    • Customers
  • About us
    • About us
    • Career
    • Contact
  • Kubernetes
  • Search
  • Menu Menu

Balancing security in hybrid cloud environment

In hybrid cloud environments you can actually setup higher security than needed. A balanced level of security is a matter of overview, expertise and costs.

Private cloud and public cloud combined is hybrid cloud. Under the clouds, physical data centers are hiding. Thus, two or more different security plans are needed.

“Also on safety, private clouds are characterized by greater layout flexibility than in public clouds,” says Esten Hoel, SVP Quality & Security in Basefarm.

Often, security from private cloud services is delivered as a basic package with the opportunity to add additional services. Private cloud service providers work dedicated with each customer, in Basefarm’s case with dedicated customer teams. Such vendors manage the customer’s IT operations. They will thoroughly analyse customer needs and recommend a sensible security services combination.

Consultant supported self service

«Also, public cloud providers give you basic possibilities and a choice of add-ons,” says Arvid Grøtting, Chief Information Security Officer in Basefarm.

«But, it’s a little more like in a self-service shop where you pick the goods from the shelves. Whether or not the security solutions you pick are appropriate, is for you and your consultants to decide».

Physical security is also a matter of great importance. Fortunately, professional providers has this in place and documented – also concerning their IT security systems.

Hoel explains that many companies use private clouds for production and public cloud for development. In such a layout, it should be possible to make sure sensitive personal data never even reaches the public cloud

In other use cases, businesses choose to distribute data to public cloud locations closer to customers, to avoid latency; slow response times.

Compliance is crucial

«This illustrates two situations which require different security settings,» says Hoel.

«When data is involved, compliance is also crucial. You should choose a setup where you comply with todays rules. The setup should also provide the flexibility for changes on relevant data protection legislation. I guess there will always be ongoing political and legal considerations and litigation that affect compliance. To stay ahead, you need platforms that are prepared for quick changes and a partner with a holistic overview and responsibilities.»

Hoel points out that you with two different platforms need to solve security twice, often with different tools. Naturally, for example two Unix environments or two Microsoft environments will not be completely different. Still, you need to focus and know what you are doing..

Risk assessment

«In Basefarm we like to start the journey by taking the customer through a risk assessment process. In principle, it may be tempting to make all possible efforts and fill your security shopping cart with all available items. But, this can be costly and sometimes even reduce the users experiences, he says.

«Based on the security assessment, we then perform the setup. We also have our own staff dedicated to compliance and whom follows the legal movements in this area.»

Also, when data transfer between private and public clouds is needed, Basefarm will analyze the situation and prescribe solutions for encryption and protocols.

Download our Cloud Guide

What should you focus on in order to take the next step in your company’s cloud journey?
With help from over 200 IT professionals and a Cloud Maturity Ladder, this report will help you to focus, prioritize and it will guide you to the next level.

Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail
© Basefarm | Read our GDPR Compliance Statement | Read our Privacy Policy
Critical IT services need dedicated SOC for GDPR compliance Q-Free secures innovation and global expansion
  • +31 88 594 90 00
  • info@basefarm.nl
  • Motion Building, Radarweg 60, 1043 NT Amsterdam Sloterdijk
Scroll to top