Hybrid Cloud, Multi Cloud and securely using and managing them for your company
The advantages cloud service providers, like Dropbox, Google Drive, Microsoft SharePoint and co., have to offer are very appealing to many companies. This is due to the fact that those services enable companies to easily scale up the use of applications, highly flexible and without having to attribute too many resources to it. When facing the decision on whether to outsource IT infrastructure to a third-party cloud service provider, companies have to answer some crucial questions. Aiding you in doing so, is the purpose of this article.
Table des matières
- Investing into local infrastructure or buy-in online solutions?
- Hybrid Cloud vs. Multi Cloud – what are the differences and which is the right architecture for your company?
- Encryption with Boxcryptor enables you to protect your data while having very high flexibility and free choice of your service provider
Investing into local infrastructure or buy-in online solutions?
The very first question, companies need to consider is the one described above. This is the decision on making an investment into local or cloud-based (online) IT infrastructure. The decisive aspects to be considered are security versus flexibility.
The local solution (i.e. NAS, File Server) is able to protect sensitive data more reliably by building a firewall around it. But in contrast, the local solution does not even come close to the flexibility that cloud-based solutions provide. This dilemma of security versus flexibility led to different models of IT infrastructure evolving.
In the following, we would like to introduce two models: Hybrid Cloud and Multi Cloud, with their respective advantages and disadvantages. Furthermore, we would like to show how to use those models with the highest possible level of security.
Hybrid Cloud vs. Multi Cloud – what are the differences and which is the right architecture for your company?
First of all, a distinction between the two models ‘Hybrid Cloud’ and ‘Multi Cloud’ has to be made. This distinction is essential due to the advantages and disadvantages that may result from some aspects, differentiating those models.
In simplified terms, the hybrid model represents a combination of privately and publicly owned cloud services, whilst the ‘Multi Cloud’ model abstains from investments into privately owned cloud services and sources all resources from the public cloud.
Hybrid Cloud Model – How does the Hybrid Cloud work and which advantages does it provide for your company?
Companies making use of the ‘Hybrid Cloud’ model are complementing their privately owned, internal IT infrastructure by external, publicly owned cloud services.
Critical data is thereby securely stored on a private cloud, protected by a firewall, while additional resources, like storage, computing power or other services might be upscaled externally, if needed.
The advantages of the ‘Hybrid Cloud’ model, are based therefore on:
- The possibility to store sensitive data behind a firewall on privately owned cloud services.
- The possibility to compensate for peaks in demand by flexibly adding additional resources from the public cloud
- The possibility to outsource applications (processes), where the static average is well known, without risking bottlenecks.
- The possibility to sort processes as critical and less critical and assign those to the best respective cloud (private or public).
What needs to be considered with regard to the ‘Hybrid Cloud’ is that a scalable solution with regard to sensitive (critical) data is not easily implemented. In face of the upcoming EU general data protection regulation (GDPR), this might subsequently result in costs for many companies. Because since May 25th 2018, far more data is considered to require special protection against fraudulent use. This implies that companies using the ‘Hybrid Cloud’ model need to be aware of the fact that more resources on the privately-owned cloud solution might become necessary. And more private resources are associated with increased costs for the internal cloud services.
Multi Cloud Model – How does the Multi Cloud work and which advantages does it provide for your company?
The biggest difference between the ‘Multi Cloud’ and the ‘Hybrid Cloud’ can be observed from the users’ perspective in using it. The ‘Multi Cloud’ is organizing the multitude of cloud-based services by the various different providers in a way that the user is experiencing all those services in a seamlessly integrated system. All processes and resources are provided by external sources (external cloud-service providers) and are managed centrally by a management tool to form an integrated system.
To exemplify the idea of the ‘Multi Cloud’ model, one can take a look on the production of a car by a car manufacturer. The supply chain of an automobile consists of multiple suppliers providing individual components. The automobile manufacturer assembles all the individual components to end up with a fully functional system (the car). The customer of a car experiences the car as a whole and is unlikely to experience the individual components by themselves. The ‘Multi Cloud’ model is based on the same principle – many cloud-based providers are supplying their service to the company and the company is compounding them with a cloud management tool to an integrated system with a seamless user experience.
The ‘Multi Cloud‘ model provides several strong benefits:
By using different cloud services, by different providers, companies drastically reduce the risk of loss of capacities in case a problem occurs with one of the providers.
- The ‘Multi Cloud’ model solves the issue that no single cloud service provider is suitable for all processes required by a company. A provider might be the ideal solution for one process-requirement, but thoroughly unsuitable for another, equally important process.
- Increase of availability, safeguarding against failure and a much more flexible acquisition of resources.
- Choosing a service mix of providers with high performance for processes with increased resource requirements and a less performance-oriented provider for processes that are non-critical has a positive impact on both, the performance of the services (processes) themselves and on the overall costs attributable to the IT infrastructure.
But of course, all those benefits come at a cost of some risks, adherent in this form of IT architecture, which should be considered with care. With an increase in bought-in services, logically the complexity of managing all those services increases as well. Furthermore, the increase in the number of interfaces (between different services), resulting from the multitude of bought-in services, brings about an increased number of possible sources of error.
The biggest issue of the ‘Multi Cloud’ model for most companies is most likely data protection, as well as internal and external compliance guidelines. Especially outsourcing of storage of critical and sensitive data (e.g. internal financial records or personal data concerning customers, partners and employees) is oftentimes incompatible with the rules of law or compliance guidelines.
Incompatibilities with internal compliance guidelines may be an issue, but the guidelines of external partners can prohibit the use of certain services as well.
The issues and risks associated with both models mentioned above cause a dilemma of choosing between a high performance, yet low cost IT infrastructure and a strong protection of critical and sensitive data. The solution for this dilemma is encryption.
Encryption with Boxcryptor enables you to protect your data while having very high flexibility and free choice of your service provider
Outsourcing data to third-party service providers does not result in a problem if the data transmitted remains encrypted all the time.
We at Boxcryptor offer premium end-to-end encryption for your data, seamlessly integrated into your existing IT infrastructure. The encryption of data happens in the background (without the user noticing it) and more importantly, the data is encrypted before it is synchronized with the server of an external provider.
Boxcryptor can be used with more than 30 cloud storage providers (including Dropbox, Google Drive, Microsoft One Drive and other important players on the market) and is furthermore capable of protecting the data on your privately owned NAS-environment or File Server. For this purpose, Boxcryptor uses a highly secure combination of AES- and RSA-encryption, based on the Zero-Knowledge principle. Following this principle, Boxcryptor does never know your password which is necessary to decrypt your data. Hence, the encrypted data remains accessible only with the respective Boxcryptor account and no one else is capable of decrypting or using the data.