Mitigating risk with a hybrid security pattern

Print Friendly, PDF & Email

Note:  This is the third of three posts in a series on Cloud Ready security patterns.  You can follow the entire Security Patterns series here, and follow the Barracuda Cloud Ready blog here.

So far in this series, we've discussed two of three security patterns regarding cloud security:

  • On-premises only
  • Cloud only
  • Hybrid on-premises and cloud

Today we'll talk about the third pattern:  the hybrid model.

The hybrid pattern of security is a combination of on-premises security and cloud-based security.  One example would be to have a Barracuda NextGen Firewall and Barracuda Backup on-premises, combined with a Barracuda Web Application Firewall on Azure to protect a cloud-based web application.  The hybrid pattern is currently the most widely used, and many companies end up in the hybrid pattern for some time as they undergo a staged migration to the cloud.  Furthermore, there is an implied promise of less risk and more security in the hybrid model, because it allows technology managers to adopt the public cloud to their various levels of comfort. 

Another driver for hybrid cloud adoption is regulatory compliance.  Some organizations walk a fine line in terms of embracing the opportunities of the cloud but not quite trusting cloud technologies with regulated data.  These companies may choose to keep their data on-premises and secure it with an on-premises firewall, while adopting SaaS options like Salesforce and Office 365, or putting application development in the cloud.

As you can see from the following graph, the Osterman Research – Barracuda survey revealed an increase in cloud-based security spending over the next two years:

The results show a planned 22% increase in cloud-based security investments.  These new cloud investments could come about for several reasons:

  • As part of a planned migration to the public cloud
  • A line of business application offers a new and more affordable SaaS option
  • A hardware refresh offers the opportunity to replace on-premises solution with cloud-based
  • Cloud prices are on a downward trend and have met the threshold set by the business
  • Cloud providers and Integrated Solution Providers have released the applications that the company needed

We can imagine many different reasons for the timing of a cloud migration, but they are ultimately all driven by risk-management.  It may be part of an active plan to move to the cloud, or an “opportunity buy” that promises higher productivity, or part of a corporate expansion plan that's necessary to solve connectivity and load balancing issues between sites.  Cloud migration is not just about the technology; it's about managing risk for the business.

The modern relationship between IT security and business priorities is moving closer to symbiosis.  As technology moves to the cloud, the technology managers are moving away from data centers and toward the business decision centers.  Technology managers are better able to drive value because they're not mired down in managing hardware.  The merging of IT and the business is doing away with the silos that drive up costs and reduce visibility between departments. 

To fully realize the benefits from a migration to cloud-based solutions, keep the following in mind:

  • Only an end-to-end, unified, holistic strategy can protect your organization.  Anything else will leave gaps and will be found by the new cybercriminals.
  • Your security plan has to be adaptable and agile to defend against the evolving threat landscape.
  •  No security strategy is complete without data recovery.

If you are considering a cloud migration, take a look at the Barracuda Cloud Ready Program.  This program offers free 90-day licenses for the Barracuda Web Application Firewall and the Barracuda NextGen Firewall in AWS and Microsoft Azure.  You can learn more about Cloud Ready here and see all of our public cloud solutions here.

The Osterman Research White Paper, Deploying and Managing Security in the Cloud, was first published in this blog post

Note:  This is the third of three posts in a series on Cloud Ready security patterns.  You can follow the entire Security Patterns series here, and follow the Barracuda Cloud Ready blog here.

Scroll to top